Vulnerabilities > Coronamatrix > Phpaddressbook > 2.0

DATE CVE VULNERABILITY TITLE RISK
2009-09-01 CVE-2008-7145 SQL Injection vulnerability in Coronamatrix PHPaddressbook 2.0
Multiple SQL injection vulnerabilities in index.php in CoronaMatrix phpAddressBook 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) parameters.
network
low complexity
coronamatrix CWE-89
7.5
7.5
2009-04-07 CVE-2008-6646 Cross-Site Scripting vulnerability in Coronamatrix PHPaddressbook 2.0
Cross-site scripting (XSS) vulnerability in index.php in CoronaMatrix phpAddressBook 2.0 allows remote attackers to inject arbitrary web script or HTML via the username parameter. 		4.3
4.3