CVE-2009-2608
N/A
N/A
Summary
Multiple SQL injection vulnerabilities in PHP Address Book 4.0.x allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to delete.php or (2) alphabet parameter to index.php. NOTE: the edit.php and view.php vectors are already covered by CVE-2008-2565.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- http://www.securityfocus.com/bid/35511
- http://secunia.com/advisories/35590
- http://www.securityfocus.com/archive/1/504595/100/0/threaded
- http://www.exploit-db.com/exploits/9023
References
- http://www.securityfocus.com/bid/35511
- http://secunia.com/advisories/35590
- http://www.securityfocus.com/archive/1/504595/100/0/threaded
- http://www.exploit-db.com/exploits/9023
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.