CVE-2023-36140

CRITICAL

PHPJabbers Cleaning Business Software 1.0 - Info Disclosure

Title source: llm
STIX 2.1

Description

In PHPJabbers Cleaning Business Software 1.0, there is no encryption on user passwords allowing an attacker to gain access to all user accounts.

Scores

CVSS v3 9.8
EPSS 0.0044
EPSS Percentile 35.5%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation poc
Automatable yes
Technical Impact total

Details

CWE
CWE-862
Status published
Products (1)
phpjabbers/cleaning_business_software 1.0
Published Sep 11, 2023
Tracked Since Feb 18, 2026