Phpaddressbook
by Coronamatrix
CVEs (4)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2008-7145 | 0.03 | — | 0.01 | Sep 1, 2009 | Multiple SQL injection vulnerabilities in index.php in CoronaMatrix phpAddressBook 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) parameters. | |||
| CVE-2008-1847 | 0.03 | — | 0.01 | Apr 16, 2008 | SQL injection vulnerability in view.php in CoronaMatrix phpAddressBook 2.11 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||
| CVE-2008-1492 | 0.03 | — | 0.03 | Mar 25, 2008 | Multiple directory traversal vulnerabilities in CoronaMatrix phpAddressBook 2.11 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the skin parameter to (1) index.php and (2) install.php. NOTE: it was later reported that vector 1 is also… | |||
| CVE-2008-6646 | 0.00 | — | 0.01 | Apr 7, 2009 | Cross-site scripting (XSS) vulnerability in index.php in CoronaMatrix phpAddressBook 2.0 allows remote attackers to inject arbitrary web script or HTML via the username parameter. |
- CVE-2008-7145Sep 1, 2009risk 0.03cvss —epss 0.01
Multiple SQL injection vulnerabilities in index.php in CoronaMatrix phpAddressBook 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) parameters.
- CVE-2008-1847Apr 16, 2008risk 0.03cvss —epss 0.01
SQL injection vulnerability in view.php in CoronaMatrix phpAddressBook 2.11 allows remote attackers to execute arbitrary SQL commands via the id parameter.
- CVE-2008-1492Mar 25, 2008risk 0.03cvss —epss 0.03
Multiple directory traversal vulnerabilities in CoronaMatrix phpAddressBook 2.11 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the skin parameter to (1) index.php and (2) install.php. NOTE: it was later reported that vector 1 is also…
- CVE-2008-6646Apr 7, 2009risk 0.00cvss —epss 0.01
Cross-site scripting (XSS) vulnerability in index.php in CoronaMatrix phpAddressBook 2.0 allows remote attackers to inject arbitrary web script or HTML via the username parameter.