Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Phpabook Project Subscribe
Filtered by product Phpabook
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-30352 1 Phpabook Project 1 Phpabook 2024-11-21 7.5 HIGH 9.8 CRITICAL
phpABook 0.9i is vulnerable to SQL Injection due to insufficient sanitization of user-supplied data in the "auth_user" parameter in index.php script.
CVE-2020-8510 1 Phpabook Project 1 Phpabook 2024-11-21 7.5 HIGH 9.8 CRITICAL
An issue was discovered in phpABook 0.9 Intermediate. On the login page, if one sets a userInfo cookie with the value of admin+1+en (user+perms+lang), one can login as any user without a password.

NetmanageIT Website NetmanageIT OSINT Web NetmanageIT OpenCTI NetmanageIT PDF Tools NetmanageIT CTO Corner Blog NetmanageIT Email Header Analyzer NetmanageIT Password Pusher NetmanageIT Internet Health and Latency Dashboard NetmanageIT Dedicated Speed Test Site NetmanageIT Ubuntu Mirror 10Gbps Copyright OpenCVE 2024