Vulnerabilities > PHP Address Book

DATE CVE VULNERABILITY TITLE RISK
2008-06-06 CVE-2008-2566 Cross-Site Scripting vulnerability in PHP-Address Book PHP-Address Book
Multiple cross-site scripting (XSS) vulnerabilities in PHP Address Book 3.1.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the group parameter to (1) index.php or (2) the default URI.
4.3
2008-06-06 CVE-2008-2565 SQL Injection vulnerability in PHP-Address Book PHP-Address Book
Multiple SQL injection vulnerabilities in PHP Address Book 3.1.5 and earlier allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) view.php and (2) edit.php.
network
low complexity
php-address-book CWE-89
7.5