Lucene search
K
CoronamatrixPhpaddressbook

4 matches found

CVE
CVE
added 2008/04/16 5:0 p.m.41 views

CVE-2008-1847

CVE-2008-1847 is a SQL injection vulnerability in CoronaMatrix phpAddressBook 2.11, specifically in view.php where the id parameter can be exploited remotely to execute arbitrary SQL commands. This vulnerability is evidenced across multiple sources (NVD entry, CVE list, PRIO/CVELIST) with a CVSSv...

7.5CVSS8.4AI score0.00967EPSS
CVE
CVE
added 2009/04/07 10:0 a.m.41 views

CVE-2008-6646

CVE-2008-6646 affects CoronaMatrix phpAddressBook 2.0, where index.php processes the username parameter. The vulnerability is a cross-site scripting (XSS) flaw caused by inadequate sanitization of user input, enabling remote attackers to inject arbitrary script/HTML in victims’ browsers. Exploita...

4.3CVSS5.9AI score0.01062EPSS
Web
CVE
CVE
added 2008/03/25 7:0 p.m.37 views

CVE-2008-1492

CVE-2008-1492 affects CoronaMatrix phpAddressBook 2.11 (and noted vector in 2.0). The issue is directory traversal via a ".." in the skin parameter, exploitable in index.php and install.php to include and execute arbitrary local files. This enables remote attackers to access local files and poten...

7.5CVSS7.2AI score0.03159EPSS
CVE
CVE
added 2009/09/01 4:0 p.m.37 views

CVE-2008-7145

CVE-2008-7145 describes multiple SQL injection vulnerabilities in index.php of CoronaMatrix phpAddressBook 2.0, allowing remote attackers to execute arbitrary SQL commands via the (1) username or (2) parameters. The root cause is listed as SQL injection in the affected PHP file. Affected software...

7.5CVSS8.8AI score0.00961EPSS