CVE-2024-48589

Cross Site Scripting vulnerability in Gilnei Moraes phpABook v.0.9 allows a remote attacker to execute arbitrary code via the rol parameter in index.php...

CVE-2024-48589

Cross Site Scripting vulnerability in Gilnei Moraes phpABook v.0.9 allows a remote attacker to execute arbitrary code via the rol parameter in index.php...

CVE-2024-48589

CVE-2024-48589 affects Gilnei Moraes phpABook v0.9. It is a Cross Site Scripting vulnerability in index.php via the rol parameter, allowing a remote attacker to cause arbitrary code execution in the context of the victim’s browser. Public references describe a payload path that enables XSS, with ...

phpABook 安全漏洞

phpABook is a simple address/contact management system using PHP and MySQL by the individual developer Gilnei Moraes in Brazil. A security vulnerability exists in phpABook version v.0.9. An attacker can exploit this vulnerability to execute arbitrary code via the rol parameter in index.php...

PT-2025-5874 · Gilnei Moraes · Phpabook

Name of the Vulnerable Software and Affected Versions: Gilnei Moraes phpABook version 0.9 Description: The issue allows a remote attacker to execute arbitrary code via the rol parameter in "index.php". This is a Cross Site Scripting issue. Recommendations: For Gilnei Moraes phpABook version 0.9,...

Exploit for CVE-2024-48589

phpAbook 9.0i - Cross-Site Scripting XSS Vulnerability CVE-...