CVE-2008-2566

N/A Unknown

Published: June 06, 2008 Modified: April 23, 2026

Description

Multiple cross-site scripting (XSS) vulnerabilities in PHP Address Book 3.1.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the group parameter to (1) index.php or (2) the default URI.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://packetstormsecurity.com/files/129789/PHP-Address-Book-Cross-Site-Scripting-SQL-Injection.html

Source: cve@mitre.org

Exploit

http://secunia.com/advisories/30540

Source: cve@mitre.org

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/42856

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/99624

Source: cve@mitre.org

https://www.exploit-db.com/exploits/5739

Source: cve@mitre.org

http://packetstormsecurity.com/files/129789/PHP-Address-Book-Cross-Site-Scripting-SQL-Injection.html