Vulnerability Database

309,469

Total vulnerabilities in the database

CVE-2023-51298

PHPJabbers Event Booking Calendar v4.0 is vulnerable to CSV Injection vulnerability which allows an attacker to execute remote code. The vulnerability exists due to insufficient input validation on Languages section Labels any parameters field in System Options that is used to construct CSV file.

Published: Feb 19, 2025
Updated: Nov 16, 2025
CVE: CVE-2023-51298
Severity: Low
Exploit:

CVSS v3:

Severity: Low
Score: 4.7
AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N

CWEs:

CWE-1236

Affected Software
References

Software	From	Fixed in
phpjabbers / event_booking_calendar	4.0	4.0.x

http://packetstormsecurity.com/files/176487/PHPJabbers-Event-Booking-Calendar-4.0-CSV-Injection.html
https://www.phpjabbers.com/event-booking-calendar/#sectionDemo

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo