Out-of-date Version (Php Address Book)

Severity: Information

Summary#

Invicti identified the target web site is using PHP Address Book and detected that it is out of date. PHP Address Book is an open source web-based address & phone book system.

Impact#

Since this is an old version of the software, it may be vulnerable to attacks.

Remediation#

Please upgrade your installation of PHP Address Book to the latest stable version.

Classifications#

ISO27001-A.14.1.2, PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), OWASP 2013-A9, OWASP 2017-A9

Invicti Security Insights

Sven Morgenroth Talks About PHP Object Injection Vulnerabilities on Paul’s Security Weekly Podcast
End of Support for PHP 5 and PHP 7.0
PHP Wrappers, Streams & Local File Intrusion (LFI)
Sven Morgenroth Talks About PHP Type Juggling on Paul’s Security Weekly Podcast
PHP Type Juggling Exploit: Vulnerability, Payloads, and Fixes

Out-of-date Version (Php Address Book)

Related Articles

Build your resistance to threats. And save hundreds of hours each month.