Php Address Book@8.2.5 Security Vulnerabilities and Issues — Php Address Book@8.2.5 CVE List

Lucene search

ChatelaoPhp Address Book8.2.5

4 matches found

CVE•added 2013/04/09 3:34 a.m.•43 views

CVE-2013-0135

Multiple SQL injection vulnerabilities in PHP Address Book 8.2.5 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) addressbook/register/delete_user.php, (2) addressbook/register/edit_user.php, or (3) addressbook/register/edit_user_save.php; the email parameter to ...

7.5CVSS8.8AI score0.02574EPSS

CVE•added 2013/04/18 11:33 a.m.•35 views

CVE-2013-1749

Cross-site scripting (XSS) vulnerability in edit.php in PHP Address Book 8.2.5 allows user-assisted remote attackers to inject arbitrary web script or HTML via the Address field.

4.3CVSS5.9AI score0.00225EPSS

CVE•added 2013/04/09 3:34 a.m.•33 views

CVE-2013-2778

Cross-site request forgery (CSRF) vulnerability in addressbook/register/delete_user.php in PHP Address Book 8.2.5 allows remote attackers to hijack the authentication of administrators for requests that delete accounts, a different vulnerability than CVE-2013-0135.1.

7.5CVSS7.2AI score0.02574EPSS

CVE•added 2013/04/18 11:33 a.m.•30 views

CVE-2013-1748

Multiple SQL injection vulnerabilities in PHP Address Book 8.2.5 allow remote attackers to execute arbitrary SQL commands via unspecified parameters to (1) edit.php or (2) import.php. NOTE: the view.php id vector is already covered by CVE-2008-2565.1 and the edit.php id vector is already covered by...

7.5CVSS8.6AI score0.01593EPSS