Multiple SQL injection vulnerabilities in PHP Address Book 4.0.x allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to delete.php or (2) alphabet parameter to index.php. NOTE: the edit.php and view.php vectors are already covered by CVE-2008-2565.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2009-07-27T18:00:00
Updated: 2018-10-10T18:57:01
Reserved: 2009-07-27T00:00:00
Link: CVE-2009-2608
JSON object: View
NVD Information
Status : Modified
Published: 2009-07-27T18:30:00.233
Modified: 2018-10-10T19:40:51.840
Link: CVE-2009-2608
JSON object: View
Redhat Information
No data.
CWE