CVE-2012-2903
21.05.2012, 18:55
Multiple cross-site scripting (XSS) vulnerabilities in PHP Address Book 7.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) PATH_INFO to group.php, or the (2) target_language or (3) target_flag parameter to translate.php.
| Vendor | Product | Version |
|---|---|---|
| chatelao | php_address_book | 𝑥 ≤ 6.1.1 |
| chatelao | php_address_book | 1.0 |
| chatelao | php_address_book | 1.2 |
| chatelao | php_address_book | 2.0 |
| chatelao | php_address_book | 2.1 |
| chatelao | php_address_book | 2.1.1 |
| chatelao | php_address_book | 2.2 |
| chatelao | php_address_book | 2.3 |
| chatelao | php_address_book | 2.4 |
| chatelao | php_address_book | 2.6 |
| chatelao | php_address_book | 3.0 |
| chatelao | php_address_book | 3.1 |
| chatelao | php_address_book | 3.1.1 |
| chatelao | php_address_book | 3.1.2 |
| chatelao | php_address_book | 3.1.3 |
| chatelao | php_address_book | 3.1.4 |
| chatelao | php_address_book | 3.1.5 |
| chatelao | php_address_book | 3.1.6 |
| chatelao | php_address_book | 3.2 |
| chatelao | php_address_book | 3.2.1 |
| chatelao | php_address_book | 3.2.2 |
| chatelao | php_address_book | 3.2.3 |
| chatelao | php_address_book | 3.2.4 |
| chatelao | php_address_book | 3.2.5 |
| chatelao | php_address_book | 3.2.6 |
| chatelao | php_address_book | 3.2.7 |
| chatelao | php_address_book | 3.2.8 |
| chatelao | php_address_book | 3.2.9 |
| chatelao | php_address_book | 3.2.10 |
| chatelao | php_address_book | 3.2.11 |
| chatelao | php_address_book | 3.2.12 |
| chatelao | php_address_book | 3.2.13 |
| chatelao | php_address_book | 3.2.14 |
| chatelao | php_address_book | 3.3 |
| chatelao | php_address_book | 3.3.1 |
| chatelao | php_address_book | 3.3.2 |
| chatelao | php_address_book | 3.3.3 |
| chatelao | php_address_book | 3.3.4 |
| chatelao | php_address_book | 3.3.5 |
| chatelao | php_address_book | 3.3.6 |
| chatelao | php_address_book | 3.3.7 |
| chatelao | php_address_book | 3.3.8 |
| chatelao | php_address_book | 3.3.9 |
| chatelao | php_address_book | 3.3.10 |
| chatelao | php_address_book | 3.3.12 |
| chatelao | php_address_book | 3.3.13 |
| chatelao | php_address_book | 3.3.14 |
| chatelao | php_address_book | 3.3.15 |
| chatelao | php_address_book | 3.3.16 |
| chatelao | php_address_book | 3.3.17 |
| chatelao | php_address_book | 3.3.18 |
| chatelao | php_address_book | 3.4 |
| chatelao | php_address_book | 3.4.1 |
| chatelao | php_address_book | 3.4.2 |
| chatelao | php_address_book | 3.4.3 |
| chatelao | php_address_book | 3.4.4 |
| chatelao | php_address_book | 3.4.5 |
| chatelao | php_address_book | 3.4.6 |
| chatelao | php_address_book | 3.4.7 |
| chatelao | php_address_book | 3.4.8 |
| chatelao | php_address_book | 3.4.9 |
| chatelao | php_address_book | 4.0 |
| chatelao | php_address_book | 4.0.2 |
| chatelao | php_address_book | 4.1.1 |
| chatelao | php_address_book | 4.1.3 |
| chatelao | php_address_book | 4.1.4 |
| chatelao | php_address_book | 5.0 |
| chatelao | php_address_book | 5.0:beta |
| chatelao | php_address_book | 5.1 |
| chatelao | php_address_book | 5.2 |
| chatelao | php_address_book | 5.3 |
| chatelao | php_address_book | 5.4 |
| chatelao | php_address_book | 5.4.1 |
| chatelao | php_address_book | 5.4.2 |
| chatelao | php_address_book | 5.4.3 |
| chatelao | php_address_book | 5.4.4 |
| chatelao | php_address_book | 5.4.5 |
| chatelao | php_address_book | 5.4.6 |
| chatelao | php_address_book | 5.4.7 |
| chatelao | php_address_book | 5.4.9 |
| chatelao | php_address_book | 5.5 |
| chatelao | php_address_book | 5.6 |
| chatelao | php_address_book | 5.7 |
| chatelao | php_address_book | 5.7.1 |
| chatelao | php_address_book | 5.7.2 |
| chatelao | php_address_book | 5.7.3 |
| chatelao | php_address_book | 5.7.4 |
| chatelao | php_address_book | 5.7.5 |
| chatelao | php_address_book | 5.8.1 |
| chatelao | php_address_book | 6.0 |
| chatelao | php_address_book | 6.1 |
𝑥
= Vulnerable software versions
References