5 matches found
Design/Logic Flaw
Mail in Apple iOS before 9 allows remote attackers to use an address-book contact as a spoofed e-mail sender address via unspecified vectors...
Sql injection
SQL injection vulnerability in TomatoCart 1.1.8.6.1 allows remote authenticated users to execute arbitrary SQL commands via the First Name and Last Name fields in a new address book contact...
CVE-2014-3978
SQL injection vulnerability in TomatoCart 1.1.8.6.1 allows remote authenticated users to execute arbitrary SQL commands via the First Name and Last Name fields in a new address book contact...
CVE-2014-3978
TomatoCart 1.x (stable) is affected by CVE-2014-3978: an SQL injection in the address book creation flow (First name/Last name fields) that allows remote authentication-based attacker to inject arbitrary SQL. Affected software version is TomatoCart 1.1.8.6.1. Public references include OpenVAS and...
FreeBSD : turba -- XSS vulnerabilities in several of the address book name and contact data fields (eeebd55d-6a88-11da-b96e-000fb586ba73)
Announce of Turba H3 2.0.5 final : This 2.0.5 is a security release that fixes cross site scripting vulnerabilities in several of the address book name and contact data fields. None of the vulnerabilities can be exploited by unauthenticated users; however, we strongly recommend that all users of...