Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-2566

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2008-2566
Last Modified 10 Jan 2015 09:59:02
Published 06 Jun 2008 02:32:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-2566

Summary

Multiple cross-site scripting (XSS) vulnerabilities in PHP Address Book 3.1.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the group parameter to (1) index.php or (2) the default URI.

Vulnerable Systems

Application

  • Php-address Book 3.1.5


References

XF - phpaddressbook-group-xss(42856)

MILW0RM - 5739

SECUNIA - 30540

XF - phpaddressbook-grouppara-xss(99624)

MISC - http://packetstormsecurity.com/files/129789/PHP-Address-Book-Cross-Site-Scripting-SQL-Injection.html


Last Updated: 27 May 2016 11:07:28