Phpabook Project Phpabook — known CVE vulnerabilities
Every CVE whose affected-product data names Phpabook Project Phpabook, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2020-8510 — CVSS 9.8 (critical): An issue was discovered in phpABook 0.9 Intermediate. On the login page, if one sets a userInfo cookie with the value of admin+1+en…
CVE-2022-30352 — CVSS 9.8 (critical): phpABook 0.9i is vulnerable to SQL Injection due to insufficient sanitization of user-supplied data in the "auth_user" parameter in…