CVE-2008-2565

Published Jun 6, 2008
Last updated 6 years ago
CVSS info 7.5
Overview

Description: Multiple SQL injection vulnerabilities in PHP Address Book 3.1.5 and earlier allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) view.php and (2) edit.php. NOTE: it was later reported that 4.0.x is also affected.
Source: cve@mitre.org
NVD status: Modified
Risk scores

CVSS 2.0

Type: Primary
Base score: 7.5
Impact score: 6.4
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:P/I:P/A:P
Weaknesses

nvd@nist.gov: CWE-89
Hype score: Not currently trending
Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:php-address_book:php-address_book:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BDFDADFC-193B-463B-942D-F6863AD73211",
            "versionEndIncluding": "4.0"
          },
          {
            "criteria": "cpe:2.3:a:php-address_book:php-address_book:1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4EC51D21-A5A5-443B-B2F9-293F1C402CAC"
          },
          {
            "criteria": "cpe:2.3:a:php-address_book:php-address_book:1.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "24570B05-955E-4304-AB7D-4A7FB5BC8626"
          },
          {
            "criteria": "cpe:2.3:a:php-address_book:php-address_book:2.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7A3367D1-78D8-4A2C-A841-6BC11ECFE872"
          },
          {
            "criteria": "cpe:2.3:a:php-address_book:php-address_book:2.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "830CA43A-E3DE-4084-9A1A-302002871F1B"
          },
          {
            "criteria": "cpe:2.3:a:php-address_book:php-address_book:2.1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A3816C93-4BC9-49E5-B8FF-2132955B2EF5"
          },
          {
            "criteria": "cpe:2.3:a:php-address_book:php-address_book:2.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4A6C5ADB-D36E-4C5B-96E7-1039565C590B"
          },
          {
            "criteria": "cpe:2.3:a:php-address_book:php-address_book:2.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "ACCFD670-EA54-4C06-B6F1-CD1F0605CA86"
          },
          {
            "criteria": "cpe:2.3:a:php-address_book:php-address_book:2.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3236E66F-FA39-43BD-8BAB-911E732E3C94"
          },
          {
            "criteria": "cpe:2.3:a:php-address_book:php-address_book:2.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7F0AB28E-3801-407B-AB24-7541CE77FF72"
          },
          {
            "criteria": "cpe:2.3:a:php-address_book:php-address_book:3.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "56C246C0-4870-4CA8-979C-618D5A3E09B2"
          },
          {
            "criteria": "cpe:2.3:a:php-address_book:php-address_book:3.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "464682B9-DEFB-48A4-B991-D9EB95D7B8F1"
          },
          {
            "criteria": "cpe:2.3:a:php-address_book:php-address_book:3.1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0BA1F770-4A4A-4B45-819A-03072084EAC6"
          },
          {
            "criteria": "cpe:2.3:a:php-address_book:php-address_book:3.1.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8F63047E-144C-4FA7-A38C-39096840DC61"
          },
          {
            "criteria": "cpe:2.3:a:php-address_book:php-address_book:3.1.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E9161AF9-BCB8-4CC4-9322-AEB076E67553"
          },
          {
            "criteria": "cpe:2.3:a:php-address_book:php-address_book:3.1.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CE43EBA3-6067-46B8-A508-54F359CC98A8"
          },
          {
            "criteria": "cpe:2.3:a:php-address_book:php-address_book:3.1.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "963B094C-4BF7-426B-BBD0-EBDA2C17A086"
          },
          {
            "criteria": "cpe:2.3:a:php-address_book:php-address_book:3.3.16:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "50E9922B-A95B-4CE9-B0F8-529BA2CD4057"
          },
          {
            "criteria": "cpe:2.3:a:php-address_book:php-address_book:3.3.17:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "98AE2D6D-F8A3-4056-8039-0F51B6FF5DB0"
          },
          {
            "criteria": "cpe:2.3:a:php-address_book:php-address_book:3.3.18:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "96914364-02D5-4ACF-91D6-2B476682CF90"
          },
          {
            "criteria": "cpe:2.3:a:php-address_book:php-address_book:3.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "320D33D1-82E3-4D14-B70F-BC4DD59B13F6"
          },
          {
            "criteria": "cpe:2.3:a:php-address_book:php-address_book:3.4.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "582DAE00-4F47-432C-8B51-A43F742029C2"
          },
          {
            "criteria": "cpe:2.3:a:php-address_book:php-address_book:3.4.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8367E82F-57BC-4BF4-A92A-D5E15FBAA7CA"
          },
          {
            "criteria": "cpe:2.3:a:php-address_book:php-address_book:3.4.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C988DFC5-903D-47C9-962A-BD7D40ACA798"
          },
          {
            "criteria": "cpe:2.3:a:php-address_book:php-address_book:3.4.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BB86312B-0BC4-4C92-82BC-1B548808F39B"
          },
          {
            "criteria": "cpe:2.3:a:php-address_book:php-address_book:3.4.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CC0410C5-FC80-4BE2-9A01-FA7394647BAA"
          },
          {
            "criteria": "cpe:2.3:a:php-address_book:php-address_book:3.4.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "98703992-C562-4CA8-B202-EBFE2BB05793"
          },
          {
            "criteria": "cpe:2.3:a:php-address_book:php-address_book:3.4.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BBE7EBFD-8591-489E-9FC4-4EFE206008AD"
          },
          {
            "criteria": "cpe:2.3:a:php-address_book:php-address_book:3.4.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "880D8F5E-A9E1-4506-B695-3E979E13E196"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]
Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References
