Cross Site Request Forgery (CSRF) vulnerability in PHPJabbers Limo Booking Software 1.0 allows unauthorized addition of admin user

Cross Site Request Forgery (CSRF) vulnerability in PHPJabbers Limo Booking Software 1.0 allows unauthorized addition of admin user

CVE-2023-43147 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

PHPJabbers Limo Booking Software 1.0 is vulnerable to Cross Site Request Forgery (CSRF) to add an admin user via the Add Users Function, aka an index.php?controller=pjAdminUsers&action=pjActionCreate URI.

Learn more about our User Device Pen Test.