The Address Book Multiple Remote Vulnerabilities

The Address Book Multiple Remote Vulnerabilities

The Address Book is prone to multiple remote vulnerabilities. These issues include multiple SQL-injection vulnerabilities, multiple HTML-injections, an information-disclosure vulnerability, a local file-include vulnerability, multiple cross-site scripting vulnerabilities, an authentication-bypass vulnerability, and arbitrary file-upload vulnerability.

A successful exploit of these vulnerabilities could allow an attacker to compromise the application, access or modify data, steal cookie-based authentication credentials, exploit vulnerabilities in the underlying database implementation, and execute arbitrary code within the context of the browser. Other attacks are also possible.

Version 0.1 is vulnerable to this issue; other versions may also be affected.