Lucene search
+L

8 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2006-4569

Malware in sbrugna...

5CVSS6.4AI score0.01222EPSS
Exploits0References6
CVE
CVE
added 2007/01/03 8:0 p.m.42 views

CVE-2006-4582

The CVE-2006-4582 entry describes a Cross-site request forgery (CSRF) vulnerability affecting The Address Book 1.04e. The issue allows remote attackers to perform unauthorized actions as other users, demonstrated by deleting arbitrary users via the id parameter in a deleteuser action in users.php...

5CVSS7.4AI score0.01232EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2007/01/03 8:0 p.m.22 views

CVE-2006-4582

Cross-site request forgery CSRF vulnerability in The Address Book 1.04e allows remote attackers to perform unauthorized actions as other users via unspecified vectors, as demonstrated by deleting arbitrary users via the id parameter in a deleteuser action in users.php...

7AI score0.01232EPSS
Exploits1References4
Cvelist
Cvelist
added 2007/01/03 8:0 p.m.19 views

CVE-2006-4581

Unrestricted file upload vulnerability in The Address Book 1.04e validates the Content-Type header but not the file extension, which allows remote attackers to upload arbitrary PHP scripts...

6.9AI score0.01222EPSS
Exploits0References5
CVE
CVE
added 2007/01/03 8:0 p.m.48 views

CVE-2006-4575

The CVE-2006-4575 entry describes multiple SQL injection vulnerabilities in The Address Book 1.04e. Affected components include user.php (parameters: lastname, firstname, passwordOld, passwordNew, id, language, defaultLetter, newuserPass, newuserType, newuserEmail), search.php (parameters: goTo, ...

7.5CVSS8.9AI score0.02113EPSS
Exploits1References7Affected Software1
CVE
CVE
added 2007/01/03 8:0 p.m.46 views

CVE-2006-4576

The vulnerability CVE-2006-4576 is an XSS in The Address Book 1.04e where remote attackers can inject arbitrary web script by uploading an HTML file with a GIF/JPG extension, which is then rendered by Internet Explorer. The provided connected documents confirm the affected product/version and the...

6.8CVSS5.9AI score0.01299EPSS
Exploits1References5Affected Software1
CVE
CVE
added 2007/01/03 8:0 p.m.44 views

CVE-2006-4580

The CVE concerns The Address Book 1.04e: register.php allows remote attackers to bypass the 'Allow User Self-Registration' setting by supplying mode=confirm, enabling creation of arbitrary users. This is a client-side/configuration abuse affecting user provisioning, with the root cause described ...

7.5CVSS7.2AI score0.01398EPSS
Exploits0References5Affected Software1
NVD
NVD
added 2006/12/31 5:0 a.m.17 views

CVE-2006-4581

Unrestricted file upload vulnerability in The Address Book 1.04e validates the Content-Type header but not the file extension, which allows remote attackers to upload arbitrary PHP scripts...

5CVSS6.9AI score0.01222EPSS
Exploits0References5
Rows per page
Query Builder