PHP Address Book CVE-2013-0135 Multiple SQL Injection Vulnerabilities
BID:58911
Info
PHP Address Book CVE-2013-0135 Multiple SQL Injection Vulnerabilities
| Bugtraq ID: | 58911 |
| Class: | Input Validation Error |
| CVE: |
CVE-2013-0135 |
| Remote: | Yes |
| Local: | No |
| Published: | Apr 05 2013 12:00AM |
| Updated: | Apr 05 2013 12:00AM |
| Credit: | Jurgen Voorneveld of Acadion Security. |
| Vulnerable: | |
| Not Vulnerable: | |
Discussion
PHP Address Book CVE-2013-0135 Multiple SQL Injection Vulnerabilities
PHP Address Book is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied input.
A successful exploit may allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
PHP Address Book 8.2.5 is vulnerable; other versions may also be affected.
PHP Address Book is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied input.
A successful exploit may allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
PHP Address Book 8.2.5 is vulnerable; other versions may also be affected.