{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2012-03-03T00:00:00.000Z", "descriptions": [{"lang": "en", "value": "Cross-site scripting (XSS) vulnerability in preferences.php in PHP Address Book 7.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the from parameter. NOTE: the index.php vector is already covered by CVE-2008-2566."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-28T12:57:01.000Z", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "42781", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/42781"}, {"name": "18578", "tags": ["exploit", "x_refsource_EXPLOIT-DB"], "url": "http://www.exploit-db.com/exploits/18578"}, {"name": "53598", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/53598"}, {"name": "49212", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/49212"}, {"name": "52396", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/52396"}, {"tags": ["x_refsource_MISC"], "url": "http://sourceforge.net/tracker/?func=detail&aid=3501716&group_id=157964&atid=805929"}, {"tags": ["x_refsource_MISC"], "url": "http://sourceforge.net/tracker/?func=detail&aid=3496653&group_id=157964&atid=805929"}, {"tags": ["x_refsource_MISC"], "url": "http://www.darksecurity.de/advisories/2012/SSCHADV2012-007.txt"}, {"name": "phpaddressbook-multiple-xss(73944)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/73944"}, {"tags": ["x_refsource_MISC"], "url": "http://sourceforge.net/tracker/?func=detail&aid=3527242&group_id=157964&atid=805929"}, {"tags": ["x_refsource_MISC"], "url": "http://www.darksecurity.de/index.php?/215-SSCHADV2012-013-PHP-Address-Book-7.0.0-Multiple-security-vulnerabilities.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2012-1912", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Cross-site scripting (XSS) vulnerability in preferences.php in PHP Address Book 7.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the from parameter. NOTE: the index.php vector is already covered by CVE-2008-2566."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "42781", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/42781"}, {"name": "18578", "refsource": "EXPLOIT-DB", "url": "http://www.exploit-db.com/exploits/18578"}, {"name": "53598", "refsource": "BID", "url": "http://www.securityfocus.com/bid/53598"}, {"name": "49212", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/49212"}, {"name": "52396", "refsource": "BID", "url": "http://www.securityfocus.com/bid/52396"}, {"name": "http://sourceforge.net/tracker/?func=detail&aid=3501716&group_id=157964&atid=805929", "refsource": "MISC", "url": "http://sourceforge.net/tracker/?func=detail&aid=3501716&group_id=157964&atid=805929"}, {"name": "http://sourceforge.net/tracker/?func=detail&aid=3496653&group_id=157964&atid=805929", "refsource": "MISC", "url": "http://sourceforge.net/tracker/?func=detail&aid=3496653&group_id=157964&atid=805929"}, {"name": "http://www.darksecurity.de/advisories/2012/SSCHADV2012-007.txt", "refsource": "MISC", "url": "http://www.darksecurity.de/advisories/2012/SSCHADV2012-007.txt"}, {"name": "phpaddressbook-multiple-xss(73944)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/73944"}, {"name": "http://sourceforge.net/tracker/?func=detail&aid=3527242&group_id=157964&atid=805929", "refsource": "MISC", "url": "http://sourceforge.net/tracker/?func=detail&aid=3527242&group_id=157964&atid=805929"}, {"name": "http://www.darksecurity.de/index.php?/215-SSCHADV2012-013-PHP-Address-Book-7.0.0-Multiple-security-vulnerabilities.html", "refsource": "MISC", "url": "http://www.darksecurity.de/index.php?/215-SSCHADV2012-013-PHP-Address-Book-7.0.0-Multiple-security-vulnerabilities.html"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T19:17:26.957Z"}, "title": "CVE Program Container", "references": [{"name": "42781", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/42781"}, {"name": "18578", "tags": ["exploit", "x_refsource_EXPLOIT-DB", "x_transferred"], "url": "http://www.exploit-db.com/exploits/18578"}, {"name": "53598", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/53598"}, {"name": "49212", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/49212"}, {"name": "52396", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/52396"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://sourceforge.net/tracker/?func=detail&aid=3501716&group_id=157964&atid=805929"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://sourceforge.net/tracker/?func=detail&aid=3496653&group_id=157964&atid=805929"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.darksecurity.de/advisories/2012/SSCHADV2012-007.txt"}, {"name": "phpaddressbook-multiple-xss(73944)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/73944"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://sourceforge.net/tracker/?func=detail&aid=3527242&group_id=157964&atid=805929"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.darksecurity.de/index.php?/215-SSCHADV2012-013-PHP-Address-Book-7.0.0-Multiple-security-vulnerabilities.html"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2012-1912", "datePublished": "2012-09-09T21:00:00.000Z", "dateReserved": "2012-03-26T00:00:00.000Z", "dateUpdated": "2024-08-06T19:17:26.957Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:chatelao:php_address_book:*:*:*:*:*:*:*:*", "matchCriteriaId": "81E0E6C1-11E6-45CD-9DFD-E7363264FAC2", "versionEndIncluding": "7.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:chatelao:php_address_book:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "C9FF0E35-2CE9-4913-9972-06A1CC9ED7F0", "vulnerable": true}, {"criteria": "cpe:2.3:a:chatelao:php_address_book:1.2:*:*:*:*:*:*:*", "matchCriteriaId": "0638A8E0-D5AE-4CE8-A231-189AB5C37760", "vulnerable": true}, {"criteria": "cpe:2.3:a:chatelao:php_address_book:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "5F0ECE8F-2CA0-4A96-829F-CC44E6A23F7D", "vulnerable": true}, {"criteria": "cpe:2.3:a:chatelao:php_address_book:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "705B32EE-8B6F-4E52-BDDD-3E29C8C12DA6", "vulnerable": true}, {"criteria": "cpe:2.3:a:chatelao:php_address_book:2.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "B552C348-EA14-441B-965D-BFBCF3C659B8", "vulnerable": true}, {"criteria": "cpe:2.3:a:chatelao:php_address_book:2.2:*:*:*:*:*:*:*", "matchCriteriaId": "8B1CC353-0194-4223-9AE9-9F1A0366CA56", "vulnerable": true}, {"criteria": "cpe:2.3:a:chatelao:php_address_book:2.3:*:*:*:*:*:*:*", "matchCriteriaId": "957DEF49-95C3-47A3-87CC-F96244EB02CC", "vulnerable": true}, {"criteria": "cpe:2.3:a:chatelao:php_address_book:2.4:*:*:*:*:*:*:*", "matchCriteriaId": "8AE4907C-EEAE-467B-B4D8-815D74BC967C", "vulnerable": true}, {"criteria": "cpe:2.3:a:chatelao:php_address_book:2.6:*:*:*:*:*:*:*", "matchCriteriaId": "F6DA8E52-EBC4-467A-9828-7C4FF5DB2F94", "vulnerable": true}, {"criteria": "cpe:2.3:a:chatelao:php_address_book:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "FA81584D-0146-4671-8AA4-826B0679E814", "vulnerable": true}, {"criteria": "cpe:2.3:a:chatelao:php_address_book:3.1:*:*:*:*:*:*:*", "matchCriteriaId": "BB40E9BC-AA89-4BD1-9D0F-B4683594D41E", "vulnerable": true}, {"criteria": "cpe:2.3:a:chatelao:php_address_book:3.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "713BAF0E-F052-4EBD-B96F-617BDF502C2F", "vulnerable": true}, {"criteria": "cpe:2.3:a:chatelao:php_address_book:3.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "00B8BE5A-0515-47CB-B9CA-99DD1084931E", "vulnerable": true}, {"criteria": "cpe:2.3:a:chatelao:php_address_book:3.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "BA2650C2-DC43-4200-A549-72FDD5D0B2C9", "vulnerable": true}, {"criteria": "cpe:2.3:a:chatelao:php_address_book:3.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "6240EDAA-3A91-4C60-84EA-A707DB15A704", "vulnerable": true}, {"criteria": "cpe:2.3:a:chatelao:php_address_book:3.1.5:*:*:*:*:*:*:*", "matchCriteriaId": "AEE9BCD9-2FAB-4C5E-84AF-06A018CBCECA", "vulnerable": true}, {"criteria": "cpe:2.3:a:chatelao:php_address_book:3.1.6:*:*:*:*:*:*:*", "matchCriteriaId": "9D14A98C-11E4-4BDC-ADCC-92AFFEEF7D36", "vulnerable": true}, {"criteria": "cpe:2.3:a:chatelao:php_address_book:3.2:*:*:*:*:*:*:*", "matchCriteriaId": "5934027A-D791-40B2-A6C7-CC48ACC93902", "vulnerable": true}, {"criteria": "cpe:2.3:a:chatelao:php_address_book:3.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "55D4AE6B-BF07-42F9-855C-C515DF53DE38", "vulnerable": true}, {"criteria": "cpe:2.3:a:chatelao:php_address_book:3.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "7E693058-2317-45AA-9EDA-E172481D0F68", "vulnerable": true}, {"criteria": "cpe:2.3:a:chatelao:php_address_book:3.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "90AEA533-75C0-405B-9B9C-5112EF915046", "vulnerable": true}, {"criteria": "cpe:2.3:a:chatelao:php_address_book:3.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "C15CD197-7DAD-4167-A09C-8CC624D2C193", "vulnerable": true}, {"criteria": "cpe:2.3:a:chatelao:php_address_book:3.2.5:*:*:*:*:*:*:*", "matchCriteriaId": "32346086-559E-4F3A-89CD-80E2008ADD9A", "vulnerable": true}, {"criteria": "cpe:2.3:a:chatelao:php_address_book:3.2.6:*:*:*:*:*:*:*", "matchCriteriaId": "5693BA39-D016-4638-B02B-D850DDE70CAE", "vulnerable": true}, {"criteria": "cpe:2.3:a:chatelao:php_address_book:3.2.7:*:*:*:*:*:*:*", "matchCriteriaId": "911C62F2-1A01-478D-84C9-025B355D2DF7", "vulnerable": true}, {"criteria": "cpe:2.3:a:chatelao:php_address_book:3.2.8:*:*:*:*:*:*:*", "matchCriteriaId": "3A745F5E-80AC-4684-BD75-7971AB59C463", "vulnerable": true}, {"criteria": "cpe:2.3:a:chatelao:php_address_book:3.2.9:*:*:*:*:*:*:*", "matchCriteriaId": "3AE0883E-2BE6-4DF6-BD79-FF06252C5999", "vulnerable": true}, {"criteria": "cpe:2.3:a:chatelao:php_address_book:3.2.10:*:*:*:*:*:*:*", "matchCriteriaId": "4B8CE468-BFB1-479F-80A5-CBE64AFBB450", "vulnerable": true}, {"criteria": "cpe:2.3:a:chatelao:php_address_book:3.2.11:*:*:*:*:*:*:*", "matchCriteriaId": "3495E90E-B6A8-40D3-BAA9-300000C96E78", "vulnerable": true}, {"criteria": "cpe:2.3:a:chatelao:php_address_book:3.2.12:*:*:*:*:*:*:*", "matchCriteriaId": "31F79981-2AD9-48B2-93AB-CFC4DD2EA509", "vulnerable": true}, {"criteria": "cpe:2.3:a:chatelao:php_address_book:3.2.13:*:*:*:*:*:*:*", "matchCriteriaId": "795AB655-C201-43B1-8EAE-3E6DBD4F46BE", "vulnerable": true}, {"criteria": "cpe:2.3:a:chatelao:php_address_book:3.2.14:*:*:*:*:*:*:*", "matchCriteriaId": "BF7637C9-BA44-4FB3-868E-7DB92820443F", "vulnerable": true}, {"criteria": "cpe:2.3:a:chatelao:php_address_book:3.3:*:*:*:*:*:*:*", "matchCriteriaId": "70CC57C1-10E2-4D07-814C-C4AA12F261FF", "vulnerable": true}, {"criteria": "cpe:2.3:a:chatelao:php_address_book:3.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "0E6AF78B-7394-4DDB-BA29-151776501A37", "vulnerable": true}, {"criteria": "cpe:2.3:a:chatelao:php_address_book:3.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "86397AC1-216C-4373-934C-6AA4F21B9646", "vulnerable": true}, {"criteria": "cpe:2.3:a:chatelao:php_address_book:3.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "A9840DDB-EE33-4D1A-8492-5F3AFF2CD049", "vulnerable": true}, {"criteria": "cpe:2.3:a:chatelao:php_address_book:3.3.4:*:*:*:*:*:*:*", "matchCriteriaId": "B6E47917-CFF0-4B09-ACE5-DFC58E05E5CC", "vulnerable": true}, {"criteria": "cpe:2.3:a:chatelao:php_address_book:3.3.5:*:*:*:*:*:*:*", "matchCriteriaId": "CBAE35A0-C598-485A-A096-2854A05642F6", "vulnerable": true}, {"criteria": "cpe:2.3:a:chatelao:php_address_book:3.3.6:*:*:*:*:*:*:*", "matchCriteriaId": "051D749E-2F22-4297-ADF0-0706A80690DA", "vulnerable": true}, {"criteria": "cpe:2.3:a:chatelao:php_address_book:3.3.7:*:*:*:*:*:*:*", "matchCriteriaId": "09C820E7-02FC-4A92-A4C4-0E2EF0AE0AE3", "vulnerable": true}, {"criteria": "cpe:2.3:a:chatelao:php_address_book:3.3.8:*:*:*:*:*:*:*", "matchCriteriaId": "8F213E2B-A69D-4774-9C28-3F658716DABD", "vulnerable": true}, {"criteria": "cpe:2.3:a:chatelao:php_address_book:3.3.9:*:*:*:*:*:*:*", "matchCriteriaId": "A0C1245A-52B7-47A7-A821-028488F08FAA", "vulnerable": true}, {"criteria": "cpe:2.3:a:chatelao:php_address_book:3.3.10:*:*:*:*:*:*:*", "matchCriteriaId": "52BA93B1-0EA4-40F9-ABAC-22A77ED53575", "vulnerable": true}, {"criteria": "cpe:2.3:a:chatelao:php_address_book:3.3.12:*:*:*:*:*:*:*", "matchCriteriaId": "5578C089-84AE-49C7-887A-4ECAF40C036D", "vulnerable": true}, {"criteria": "cpe:2.3:a:chatelao:php_address_book:3.3.13:*:*:*:*:*:*:*", "matchCriteriaId": "3E6E13B5-F795-4ACB-91B6-E9BE2CC07329", "vulnerable": true}, {"criteria": "cpe:2.3:a:chatelao:php_address_book:3.3.14:*:*:*:*:*:*:*", "matchCriteriaId": "67DBC8D6-430E-4052-AE60-28370A0FB22D", "vulnerable": true}, {"criteria": "cpe:2.3:a:chatelao:php_address_book:3.3.15:*:*:*:*:*:*:*", "matchCriteriaId": "F6FAE015-21BC-4BD3-95DF-BA32A2A0E014", "vulnerable": true}, {"criteria": "cpe:2.3:a:chatelao:php_address_book:3.3.16:*:*:*:*:*:*:*", "matchCriteriaId": "F041863D-17BB-4927-AEE4-02D00FC27B6E", "vulnerable": true}, {"criteria": "cpe:2.3:a:chatelao:php_address_book:3.3.17:*:*:*:*:*:*:*", "matchCriteriaId": "6BB546BC-9A90-4E1C-A3CC-270FBE1C28BF", "vulnerable": true}, {"criteria": "cpe:2.3:a:chatelao:php_address_book:3.3.18:*:*:*:*:*:*:*", "matchCriteriaId": "DECE508D-0E94-4650-854B-BE69ADE25CCE", "vulnerable": true}, {"criteria": "cpe:2.3:a:chatelao:php_address_book:3.4:*:*:*:*:*:*:*", "matchCriteriaId": "6DD5C2FE-8992-446B-BAD9-60AF7C2FB657", "vulnerable": true}, {"criteria": "cpe:2.3:a:chatelao:php_address_book:3.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "B28FEED4-E6AE-4B54-AC39-88633509D33D", "vulnerable": true}, {"criteria": "cpe:2.3:a:chatelao:php_address_book:3.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "379EE48E-8F64-494A-887F-47F45F7756DC", "vulnerable": true}, {"criteria": "cpe:2.3:a:chatelao:php_address_book:3.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "F906499A-9AE1-49B8-A96D-0E4866ADC877", "vulnerable": true}, {"criteria": "cpe:2.3:a:chatelao:php_address_book:3.4.4:*:*:*:*:*:*:*", "matchCriteriaId": "9805B1F8-D618-4BE0-8B9F-B837332624B7", "vulnerable": true}, {"criteria": "cpe:2.3:a:chatelao:php_address_book:3.4.5:*:*:*:*:*:*:*", "matchCriteriaId": "6DDAFB40-DCE2-4B22-A9B4-8E74C046E87F", "vulnerable": true}, {"criteria": "cpe:2.3:a:chatelao:php_address_book:3.4.6:*:*:*:*:*:*:*", "matchCriteriaId": "48A3137A-3FA2-4135-A3B9-E6432FE4EE03", "vulnerable": true}, {"criteria": "cpe:2.3:a:chatelao:php_address_book:3.4.7:*:*:*:*:*:*:*", "matchCriteriaId": "697E4786-1656-481E-AEDF-DFFB838A7ABB", "vulnerable": true}, {"criteria": "cpe:2.3:a:chatelao:php_address_book:3.4.8:*:*:*:*:*:*:*", "matchCriteriaId": "4E9E243D-EE1F-4476-B1E8-EE56EAC3691E", "vulnerable": true}, {"criteria": "cpe:2.3:a:chatelao:php_address_book:3.4.9:*:*:*:*:*:*:*", "matchCriteriaId": "AFC7295A-8B07-4DB7-BA31-CC8924C2F136", "vulnerable": true}, {"criteria": "cpe:2.3:a:chatelao:php_address_book:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "6B55DB92-22A0-461C-8C82-2F1A3C5D855E", "vulnerable": true}, {"criteria": "cpe:2.3:a:chatelao:php_address_book:4.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "42B80912-2590-41E4-9F02-94F830E5829C", "vulnerable": true}, {"criteria": "cpe:2.3:a:chatelao:php_address_book:4.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "AA4A53AB-E2BA-45DC-9C33-C9F88AFE9405", "vulnerable": true}, {"criteria": "cpe:2.3:a:chatelao:php_address_book:4.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "9B57B554-7966-4861-8205-263F0B95B4B5", "vulnerable": true}, {"criteria": "cpe:2.3:a:chatelao:php_address_book:4.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "1AEE7B03-7BDA-4704-8B24-965288050FF1", "vulnerable": true}, {"criteria": "cpe:2.3:a:chatelao:php_address_book:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "11CA518D-0304-445E-A72B-30EC351FBA08", "vulnerable": true}, {"criteria": "cpe:2.3:a:chatelao:php_address_book:5.0:beta:*:*:*:*:*:*", "matchCriteriaId": "6AE10944-ED44-4726-94C1-54A5D1AE1235", "vulnerable": true}, {"criteria": "cpe:2.3:a:chatelao:php_address_book:5.1:*:*:*:*:*:*:*", "matchCriteriaId": "9458A499-0B83-4656-8154-401062F3CBAF", "vulnerable": true}, {"criteria": "cpe:2.3:a:chatelao:php_address_book:5.2:*:*:*:*:*:*:*", "matchCriteriaId": "D7150ABE-D8DC-45AD-A55F-9ACDB7695F27", "vulnerable": true}, {"criteria": "cpe:2.3:a:chatelao:php_address_book:5.3:*:*:*:*:*:*:*", "matchCriteriaId": "1C8F53A7-5ED8-4C67-A683-4609BA3E7101", "vulnerable": true}, {"criteria": "cpe:2.3:a:chatelao:php_address_book:5.4:*:*:*:*:*:*:*", "matchCriteriaId": "E9F0241F-D7CF-4990-9FF0-180D41EF7E4B", "vulnerable": true}, {"criteria": "cpe:2.3:a:chatelao:php_address_book:5.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "5508935A-83E2-4F30-9CFB-10FBA170584D", "vulnerable": true}, {"criteria": "cpe:2.3:a:chatelao:php_address_book:5.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "72AF4463-AC87-4B6E-AEFE-B29E7BA0939D", "vulnerable": true}, {"criteria": "cpe:2.3:a:chatelao:php_address_book:5.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "2956FC93-485F-4D93-BAE0-D8D969F8652E", "vulnerable": true}, {"criteria": "cpe:2.3:a:chatelao:php_address_book:5.4.4:*:*:*:*:*:*:*", "matchCriteriaId": "1561EF56-36C2-4214-95EF-5A7E6C466A44", "vulnerable": true}, {"criteria": "cpe:2.3:a:chatelao:php_address_book:5.4.5:*:*:*:*:*:*:*", "matchCriteriaId": "3901C534-8162-4B69-A698-1C74C8953D0B", "vulnerable": true}, {"criteria": "cpe:2.3:a:chatelao:php_address_book:5.4.6:*:*:*:*:*:*:*", "matchCriteriaId": "23EF6361-1C64-4575-9824-874E4E73BAC8", "vulnerable": true}, {"criteria": "cpe:2.3:a:chatelao:php_address_book:5.4.7:*:*:*:*:*:*:*", "matchCriteriaId": "84FB1978-00E7-4E0A-8D14-9ECDD2B68E34", "vulnerable": true}, {"criteria": "cpe:2.3:a:chatelao:php_address_book:5.4.9:*:*:*:*:*:*:*", "matchCriteriaId": "DD81D7CD-754A-4B16-B02D-F7BFF4717EED", "vulnerable": true}, {"criteria": "cpe:2.3:a:chatelao:php_address_book:5.5:*:*:*:*:*:*:*", "matchCriteriaId": "C306D7B1-7005-456B-929B-59609A5D4AB4", "vulnerable": true}, {"criteria": "cpe:2.3:a:chatelao:php_address_book:5.6:*:*:*:*:*:*:*", "matchCriteriaId": "FE982167-CE2B-47EA-B479-FF616972967B", "vulnerable": true}, {"criteria": "cpe:2.3:a:chatelao:php_address_book:5.7:*:*:*:*:*:*:*", "matchCriteriaId": "A3AB8F31-0E68-43FE-8001-B1C7E0D639BF", "vulnerable": true}, {"criteria": "cpe:2.3:a:chatelao:php_address_book:5.7.1:*:*:*:*:*:*:*", "matchCriteriaId": "631D327F-C853-4E14-BA57-00D25BD21931", "vulnerable": true}, {"criteria": "cpe:2.3:a:chatelao:php_address_book:5.7.2:*:*:*:*:*:*:*", "matchCriteriaId": "4B7F9260-68C7-4882-8471-8104D4669234", "vulnerable": true}, {"criteria": "cpe:2.3:a:chatelao:php_address_book:5.7.3:*:*:*:*:*:*:*", "matchCriteriaId": "DA1C7F75-098F-4B5F-90FB-0DB6397C6563", "vulnerable": true}, {"criteria": "cpe:2.3:a:chatelao:php_address_book:5.7.4:*:*:*:*:*:*:*", "matchCriteriaId": "E2E400BB-CC69-4545-9C50-30AC0644356C", "vulnerable": true}, {"criteria": "cpe:2.3:a:chatelao:php_address_book:5.7.5:*:*:*:*:*:*:*", "matchCriteriaId": "655454C1-7AF4-4B30-897C-63AB394C7FE1", "vulnerable": true}, {"criteria": "cpe:2.3:a:chatelao:php_address_book:5.8.1:*:*:*:*:*:*:*", "matchCriteriaId": "9D4DD7AA-3CBC-402F-AAFD-3D865591A2B7", "vulnerable": true}, {"criteria": "cpe:2.3:a:chatelao:php_address_book:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "23B3D29F-31C5-442B-B22D-19506EEA8DA9", "vulnerable": true}, {"criteria": "cpe:2.3:a:chatelao:php_address_book:6.1:*:*:*:*:*:*:*", "matchCriteriaId": "4DAB49E0-5D06-43BD-8258-4FD913DA9C88", "vulnerable": true}, {"criteria": "cpe:2.3:a:chatelao:php_address_book:6.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "91BC2939-05E1-4F5A-A9BC-25F732A9649B", "vulnerable": true}, {"criteria": "cpe:2.3:a:chatelao:php_address_book:6.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "392FF7B6-06A8-41CC-8704-2E0355850663", "vulnerable": true}, {"criteria": "cpe:2.3:a:chatelao:php_address_book:6.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "939D5ED3-81A9-4896-84D1-21705798BAD3", "vulnerable": true}, {"criteria": "cpe:2.3:a:chatelao:php_address_book:6.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "19A07ED0-814A-44B5-B540-361FE802DB11", "vulnerable": true}, {"criteria": "cpe:2.3:a:chatelao:php_address_book:6.2:*:*:*:*:*:*:*", "matchCriteriaId": "C739837C-9F03-4D89-921D-97EAAC0918FC", "vulnerable": true}, {"criteria": "cpe:2.3:a:chatelao:php_address_book:6.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "9B4BDC6A-AD2C-45B2-BD7B-A6A6F51D8695", "vulnerable": true}, {"criteria": "cpe:2.3:a:chatelao:php_address_book:6.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "72084B7E-1937-4E43-8F61-5CE44F3F8AA3", "vulnerable": true}, {"criteria": "cpe:2.3:a:chatelao:php_address_book:6.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "053FD703-D407-403E-B5C0-61DDA99BB722", "vulnerable": true}, {"criteria": "cpe:2.3:a:chatelao:php_address_book:6.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "72B238F1-703F-425C-AA74-570595D78BDE", "vulnerable": true}, {"criteria": "cpe:2.3:a:chatelao:php_address_book:6.2.5:*:*:*:*:*:*:*", "matchCriteriaId": "B5B9C746-086D-454B-8FA3-F75435FC5325", "vulnerable": true}, {"criteria": "cpe:2.3:a:chatelao:php_address_book:6.2.6:*:*:*:*:*:*:*", "matchCriteriaId": "32DFF878-DE06-41B4-8D46-D036750A7E9F", "vulnerable": true}, {"criteria": "cpe:2.3:a:chatelao:php_address_book:6.2.7:*:*:*:*:*:*:*", "matchCriteriaId": "065148E1-2E02-46A1-A71F-25A4E946A366", "vulnerable": true}, {"criteria": "cpe:2.3:a:chatelao:php_address_book:6.2.9:*:*:*:*:*:*:*", "matchCriteriaId": "BC22B0AA-2A19-4A93-8D04-74D3905BBC1D", "vulnerable": true}, {"criteria": "cpe:2.3:a:chatelao:php_address_book:6.2.10:*:*:*:*:*:*:*", "matchCriteriaId": "6835958E-1E7B-4B1E-BB44-FC2A126800E4", "vulnerable": true}, {"criteria": "cpe:2.3:a:chatelao:php_address_book:6.2.11:*:*:*:*:*:*:*", "matchCriteriaId": "A2E0FCDB-6790-4761-BF7C-E720F2AD18AE", "vulnerable": true}, {"criteria": "cpe:2.3:a:chatelao:php_address_book:6.2.12:*:*:*:*:*:*:*", "matchCriteriaId": "A2F0DA82-2EEA-4264-9DEF-1849D34F11D3", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Cross-site scripting (XSS) vulnerability in preferences.php in PHP Address Book 7.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the from parameter. NOTE: the index.php vector is already covered by CVE-2008-2566."}, {"lang": "es", "value": "Vulnerabilidad de ejecuci\u00f3n de secuencias de comandos en sitios cruzados (XSS) en preferences.php en PHP Address Book v7.0 y anteriores, permite a atacantes remotos inyectar secuencias de comandos web o HTML a trav\u00e9s del par\u00e1metro form. NOTA: el vector index.php est\u00e1 cubierto por CVE-2008-2566."}], "id": "CVE-2012-1912", "lastModified": "2025-04-11T00:51:21.963", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}]}, "published": "2012-09-09T21:55:06.697", "references": [{"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/42781"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/49212"}, {"source": "cve@mitre.org", "url": "http://sourceforge.net/tracker/?func=detail&aid=3496653&group_id=157964&atid=805929"}, {"source": "cve@mitre.org", "url": "http://sourceforge.net/tracker/?func=detail&aid=3501716&group_id=157964&atid=805929"}, {"source": "cve@mitre.org", "url": "http://sourceforge.net/tracker/?func=detail&aid=3527242&group_id=157964&atid=805929"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://www.darksecurity.de/advisories/2012/SSCHADV2012-007.txt"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://www.darksecurity.de/index.php?/215-SSCHADV2012-013-PHP-Address-Book-7.0.0-Multiple-security-vulnerabilities.html"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://www.exploit-db.com/exploits/18578"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://www.securityfocus.com/bid/52396"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://www.securityfocus.com/bid/53598"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/73944"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/42781"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/49212"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://sourceforge.net/tracker/?func=detail&aid=3496653&group_id=157964&atid=805929"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://sourceforge.net/tracker/?func=detail&aid=3501716&group_id=157964&atid=805929"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://sourceforge.net/tracker/?func=detail&aid=3527242&group_id=157964&atid=805929"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://www.darksecurity.de/advisories/2012/SSCHADV2012-007.txt"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://www.darksecurity.de/index.php?/215-SSCHADV2012-013-PHP-Address-Book-7.0.0-Multiple-security-vulnerabilities.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://www.exploit-db.com/exploits/18578"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://www.securityfocus.com/bid/52396"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://www.securityfocus.com/bid/53598"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/73944"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}