Telephone: >> Telephone Directory 2008 Security Vulnerabilities
Cross-site scripting (XSS) vulnerability in edit1.php in Telephone Directory 2008 allows remote attackers to inject arbitrary web script or HTML via the action parameter.
CVSS Score
4.3
EPSS Score
0.011
Published
2008-06-12
Multiple SQL injection vulnerabilities in Telephone Directory 2008, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) code parameter in a confirm_data action to edit1.php and the (2) id parameter to view_more.php.
CVSS Score
7.5
EPSS Score
0.001
Published
2008-06-12