Description
Multiple SQL injection vulnerabilities in PHP Address Book 8.2.5 allow remote attackers to execute arbitrary SQL commands via unspecified parameters to (1) edit.php or (2) import.php. NOTE: the view.php id vector is already covered by CVE-2008-2565.1 and the edit.php id vector is already covered by CVE-2008-2565.2.
Remediation
References
Related Vulnerabilities
OpenSSL Other Vulnerability (CVE-2003-0544)
Ruby Resource Management Errors Vulnerability (CVE-2008-3656)
WordPress Plugin Bulk Add to Cart for WooCommerce Security Bypass (1.2.2)
WordPress Plugin WooCommerce Cross-Seller Unspecified Vulnerability (1.0.2)
CakePHP Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-15400)