Multiple SQL Injection Vulnerabilities in PHP Address Book by PHP Group
CVE-2012-1911

Currently unrated

Key Information:

Vendor

Chatelao

Status
PHP Address Book
Vendor
CVE Published:
9 September 2012

What is CVE-2012-1911?

Multiple SQL injection vulnerabilities affect PHP Address Book versions 6.2.12 and earlier. Remote attackers can exploit these vulnerabilities through the 'to_group' parameter in group.php or the 'id' parameter in vcard.php, potentially executing arbitrary SQL commands. This compromises the integrity of the database and may lead to unauthorized access to sensitive information. It is important for users and administrators to secure their installations and apply necessary updates or patches to mitigate these security risks.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.exploit-db.com/exploits/18578
exploitx_refsource_EXPLOIT-DB
https://exchange.xforce.ibmcloud.com/vulnerabilities/73943
vdb-entryx_refsource_XF
http://www.securityfocus.com/bid/52396
vdb-entryx_refsource_BID

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.