2008-06-06 20:32:00 2018-10-11 22:41:52

Multiple SQL injection vulnerabilities in PHP Address Book 3.1.5 and earlier allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) view.php and (2) edit.php. NOTE: it was later reported that 4.0.x is also affected.

Vector

NETWORK

Complexity

LOW

Authentication

NONE

Confidentiality

PARTIAL

Integrity

PARTIAL

Availability

PARTIAL
Php-address book Php-address book 2.1.1 (not an official CPE) Php-address book Php-address book 2.2 (not an official CPE) Php-address book Php-address book 2.3 (not an official CPE) Php-address book Php-address book 2.4 (not an official CPE) Php-address book Php-address book 2.6 (not an official CPE) Php-address book Php-address book 3.0 (not an official CPE) Php-address book Php-address book 3.1 (not an official CPE) Php-address book Php-address book 3.1.1 (not an official CPE) Php-address book Php-address book 3.1.2 (not an official CPE) Php-address book Php-address book 3.1.3 (not an official CPE) Php-address book Php-address book 3.1.4 (not an official CPE) Php-address book Php-address book 3.1.5 (not an official CPE) Php-address book Php-address book 3.3.16 (not an official CPE) Php-address book Php-address book 3.3.17 (not an official CPE) Php-address book Php-address book 3.3.18 (not an official CPE) Php-address book Php-address book 4.0 (not an official CPE) Php-address book Php-address book 3.4.8 (not an official CPE) Php-address book Php-address book 3.4.7 (not an official CPE) Php-address book Php-address book 3.4.6 (not an official CPE) Php-address book Php-address book 3.4.5 (not an official CPE) Php-address book Php-address book 3.4.4 (not an official CPE) Php-address book Php-address book 3.4.3 (not an official CPE) Php-address book Php-address book 3.4.2 (not an official CPE) Php-address book Php-address book 3.4.1 (not an official CPE) Php-address book Php-address book 3.4 (not an official CPE) Php-address book Php-address book 2.1 (not an official CPE) Php-address book Php-address book 2.0 (not an official CPE) Php-address book Php-address book 1.2 (not an official CPE) Php-address book Php-address book 1.0 (not an official CPE)