Phpaddressbook Security Vulnerabilities and Issues — Phpaddressbook CVE List

Lucene search

CoronamatrixPhpaddressbook

4 matches found

CVE•added 2009/04/07 2:17 p.m.•34 views

CVE-2008-6646

Cross-site scripting (XSS) vulnerability in index.php in CoronaMatrix phpAddressBook 2.0 allows remote attackers to inject arbitrary web script or HTML via the username parameter.

4.3CVSS5.9AI score0.00254EPSS

CVE•added 2008/04/16 5:5 p.m.•31 views

CVE-2008-1847

SQL injection vulnerability in view.php in CoronaMatrix phpAddressBook 2.11 allows remote attackers to execute arbitrary SQL commands via the id parameter.

7.5CVSS8.4AI score0.00284EPSS

CVE•added 2008/03/25 7:44 p.m.•29 views

CVE-2008-1492

Multiple directory traversal vulnerabilities in CoronaMatrix phpAddressBook 2.11 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the skin parameter to (1) index.php and (2) install.php. NOTE: it was later reported that vector 1 is also present in 2.0.

7.5CVSS7.2AI score0.11438EPSS

CVE•added 2009/09/01 4:30 p.m.•29 views

CVE-2008-7145

Multiple SQL injection vulnerabilities in index.php in CoronaMatrix phpAddressBook 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) parameters.

7.5CVSS8.8AI score0.00107EPSS