cbcvebase.

Coronamatrix Phpaddressbook vulnerabilities

4 known vulnerabilities affecting coronamatrix/phpaddressbook.

Total CVEs
4
CISA KEV
0
Public exploits
3
Exploited in wild
0
Severity breakdown
HIGH3MEDIUM1

Vulnerabilities

Page 1 of 1
CVE-2008-7145P3HIGHCVSS 7.5PoCv2.02009-09-01
CVE-2008-7145 [HIGH] CWE-89 CVE-2008-7145: Multiple SQL injection vulnerabilities in index.php in CoronaMatrix phpAddressBook 2.0 allow remote Multiple SQL injection vulnerabilities in index.php in CoronaMatrix phpAddressBook 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) parameters.
nvd
CVE-2008-1492P3HIGHCVSS 7.5PoCv2.112008-03-25
CVE-2008-1492 [HIGH] CWE-20 CVE-2008-1492: Multiple directory traversal vulnerabilities in CoronaMatrix phpAddressBook 2.11 allow remote attack Multiple directory traversal vulnerabilities in CoronaMatrix phpAddressBook 2.11 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the skin parameter to (1) index.php and (2) install.php. NOTE: it was later reported that vector 1 is also present in 2.0.
nvd
CVE-2008-1847P3HIGHCVSS 7.5PoCv2.112008-04-16
CVE-2008-1847 [HIGH] CWE-89 CVE-2008-1847: SQL injection vulnerability in view.php in CoronaMatrix phpAddressBook 2.11 allows remote attackers SQL injection vulnerability in view.php in CoronaMatrix phpAddressBook 2.11 allows remote attackers to execute arbitrary SQL commands via the id parameter.
nvd
CVE-2008-6646P4MEDIUMCVSS 4.3v2.02009-04-07
CVE-2008-6646 [MEDIUM] CWE-79 CVE-2008-6646: Cross-site scripting (XSS) vulnerability in index.php in CoronaMatrix phpAddressBook 2.0 allows remo Cross-site scripting (XSS) vulnerability in index.php in CoronaMatrix phpAddressBook 2.0 allows remote attackers to inject arbitrary web script or HTML via the username parameter.
nvd
Coronamatrix Phpaddressbook vulnerabilities | cvebase