Volerion logoVolerion
Volerion logoVolerion

PHPJabbers Cleaning Business Software Rate Limiting Vulnerability in Forgot Password Feature

Vulnerability

A denial-of-service vulnerability has been identified in PHPJabbers Cleaning Business Software version 1.0, stemming from a lack of rate limiting in the 'Forgot Password' feature. This vulnerability allows attackers to send a high volume of email reset requests on behalf of a legitimate user, potentially overwhelming the user's inbox with messages.

Impact

Exploitation of this vulnerability can lead to a denial-of-service condition for users, causing their email accounts to be flooded with excessive reset request messages.

Reproduction

To reproduce this vulnerability, access the 'Forgot Password' feature and use a registered email address. Capture the request with a tool like Burp Suite, then send multiple reset requests using the Intruder feature. The targeted email inbox will receive a large number of reset messages, demonstrating the denial-of-service impact.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm
spread
1.0
impact
2.5
exploitability
9.7
remediation
0.0
relevance
0.0
threat
6.4
urgency
2.9
incentive
10.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.