CVE-2023-51320

Published: Feb 20, 2025Modified: Jun 17, 2026

5.3

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Exploitability: 3.9 / Impact: 1.4

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)

Description

PHPJabbers Night Club Booking Software v1.0 is vulnerable to CSV Injection vulnerability which allows an attacker to execute remote code. The vulnerability exists due to insufficient input validation on Languages section Labels any parameters field in System Options that is used to construct CSV file.

Affected (1)

Products: Phpjabbers: Night Club Booking Software

1 product

Night Club Booking Software

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Phpjabbers Night Club Booking Software	Version 1.0

Related CWEs

Improper Control of Generation of Code ('Code Injection')

The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.

References (3)

https://packetstorm.news/files/id/176501

Source: cve@mitre.org

ExploitThird Party AdvisoryVDB Entry

https://www.phpjabbers.com/night-club-booking-software/#sectionDemo

Source: cve@mitre.org

Product

http://packetstormsecurity.com/files/176501/PHPJabbers-Night-Club-Booking-Software-1.0-CSV-Injection.html

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.