Phoetux.net » Phxcontacts : Security Vulnerabilities, CVEs,
Multiple SQL injection vulnerabilities in Phoetux.net PhxContacts 0.93.1 beta and earlier allow remote attackers to execute arbitrary SQL commands via the (1) motclef and (2) nbr_line_view parameters in (a) carnet.php, and the (3) id_contact parameter in (b) contact_view.php.
Max CVSS
7.5
EPSS Score
0.16%
Published
2006-03-30
Updated
2018-10-18
Cross-site scripting (XSS) vulnerability in login.php in Phoetux.net PhxContacts 0.93.1 beta and earlier allows remote attackers to inject arbitrary web script or HTML via the m parameter.
Max CVSS
4.3
EPSS Score
0.20%
Published
2006-03-30
Updated
2018-10-18
2 vulnerabilities found