Published: 06/06/2008 Updated: 29/09/2017

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

VMScore: 440

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Multiple cross-site scripting (XSS) vulnerabilities in PHP Address Book 3.1.5 and previous versions allow remote malicious users to inject arbitrary web script or HTML via the group parameter to (1) index.php or (2) the default URI.

Vulnerable Product	Search on Vulmon	Subscribe to Product
php-address book php-address book

============================================================ PHP-Address Book (SQL/XSS) Multiple Remote Vulnerabilities ============================================================ ,--^----------,--------,-----,-------^--, | ||||||||| `--------' | O CWH Underground Hacking Team `+---------------------------^----------| ...

Advisory: PHP Address Book 6212 Multiple security vulnerabilities Advisory ID: SSCHADV2012-007 Author: Stefan Schurtz Affected Software: Successfully tested on PHP Address Book 6212 Vendor URL: sourceforgenet/projects/php-addressbook/ Vendor Status: informed ========================== Vulnerability Description =================== ...

CWE-79 http://secunia.com/advisories/30540 http://packetstormsecurity.com/files/129789/PHP-Address-Book-Cross-Site-Scripting-SQL-Injection.html https://exchange.xforce.ibmcloud.com/vulnerabilities/99624 https://exchange.xforce.ibmcloud.com/vulnerabilities/42856 https://www.exploit-db.com/exploits/5739 https://nvd.nist.gov https://www.exploit-db.com/exploits/5739/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2008-2566

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect