Coronamatrix Phpaddressbook vulnerabilities
4 known vulnerabilities affecting coronamatrix/phpaddressbook.
Total CVEs
4
CISA KEV
0
Public exploits
3
Exploited in wild
0
Severity breakdown
HIGH3MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2008-7145P3HIGHCVSS 7.5PoCv2.02009-09-01
CVE-2008-7145 [HIGH] CWE-89 CVE-2008-7145: Multiple SQL injection vulnerabilities in index.php in CoronaMatrix phpAddressBook 2.0 allow remote
Multiple SQL injection vulnerabilities in index.php in CoronaMatrix phpAddressBook 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) parameters.
nvd
CVE-2008-1492P3HIGHCVSS 7.5PoCv2.112008-03-25
CVE-2008-1492 [HIGH] CWE-20 CVE-2008-1492: Multiple directory traversal vulnerabilities in CoronaMatrix phpAddressBook 2.11 allow remote attack
Multiple directory traversal vulnerabilities in CoronaMatrix phpAddressBook 2.11 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the skin parameter to (1) index.php and (2) install.php. NOTE: it was later reported that vector 1 is also present in 2.0.
nvd
CVE-2008-1847P3HIGHCVSS 7.5PoCv2.112008-04-16
CVE-2008-1847 [HIGH] CWE-89 CVE-2008-1847: SQL injection vulnerability in view.php in CoronaMatrix phpAddressBook 2.11 allows remote attackers
SQL injection vulnerability in view.php in CoronaMatrix phpAddressBook 2.11 allows remote attackers to execute arbitrary SQL commands via the id parameter.
nvd
CVE-2008-6646P4MEDIUMCVSS 4.3v2.02009-04-07
CVE-2008-6646 [MEDIUM] CWE-79 CVE-2008-6646: Cross-site scripting (XSS) vulnerability in index.php in CoronaMatrix phpAddressBook 2.0 allows remo
Cross-site scripting (XSS) vulnerability in index.php in CoronaMatrix phpAddressBook 2.0 allows remote attackers to inject arbitrary web script or HTML via the username parameter.
nvd