Vulnerability Description
In PHPJabbers Cleaning Business Software 1.0, there is no encryption on user passwords allowing an attacker to gain access to all user accounts.
CVSS Score
9.8
CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Phpjabbers | Cleaning Business Software | 1.0 |
Related Weaknesses (CWE)
References
- https://medium.com/%40blakehodder/additional-vulnerabilities-in-php-jabbers-scri
- https://www.phpjabbers.com/cleaning-business-software/Product
- https://medium.com/%40blakehodder/additional-vulnerabilities-in-php-jabbers-scri
- https://www.phpjabbers.com/cleaning-business-software/Product
FAQ
What is CVE-2023-36140?
CVE-2023-36140 is a vulnerability with a CVSS score of 9.8 (CRITICAL). In PHPJabbers Cleaning Business Software 1.0, there is no encryption on user passwords allowing an attacker to gain access to all user accounts.
How severe is CVE-2023-36140?
CVE-2023-36140 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2023-36140?
Check the references section above for vendor advisories and patch information. Affected products include: Phpjabbers Cleaning Business Software.