Browse all 5 CVE security advisories affecting PHPJabbers. AI-powered Chinese analysis, POCs, and references for each vulnerability.
PHPJabbers develops PHP-based web applications, including directory scripts, classifieds platforms, and content management systems. Historically, their products have been vulnerable to remote code execution, cross-site scripting, and privilege escalation flaws, often stemming from insufficient input validation and insecure authentication mechanisms. While no major public security incidents have been documented, the five CVEs on record highlight recurring issues in sanitizing user-supplied data and managing access controls. Their applications typically require hardening to mitigate risks associated with default configurations and inadequate session management, emphasizing the need for regular security updates and proper implementation by end users.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2023-53926 | PHPJabbers Simple CMS 5.0 SQL Injection via Column Parameter — Simple CMSCWE-89 | 9.8 | Critical | 2025-12-17 |
| CVE-2023-53927 | PHPJabbers Simple CMS 5.0 Stored Cross-Site Scripting via Section Creation — Simple CMSCWE-79 | 5.4 | Medium | 2025-12-17 |
| CVE-2023-53877 | Bus Reservation System 1.1 Multiple SQL Injection via pickup_id Parameter — Bus Reservation SystemCWE-89 | 9.1AI | CriticalAI | 2025-12-15 |
| CVE-2023-53878 | Member Login Script 3.3 Client-Side Request Desynchronization Vulnerability — Member Login ScriptCWE-444 | 7.5AI | HighAI | 2025-12-15 |
| CVE-2025-10827 | PHPJabbers Restaurant Menu Maker preview.php cross site scripting — Restaurant Menu MakerCWE-79 | 4.3 | Medium | 2025-09-23 |
This page lists every published CVE security advisory associated with PHPJabbers. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.