Jurgen Voorneveld

Researcher at Acadion Security
#36502 of 53,635
7.5 CVSS total
Vulnerabilities · 1
PT-2013-2121
7.5
2013-04-09
Php · Php Address Book · CVE-2013-0135
**Name of the Vulnerable Software and Affected Versions** PHP Address Book version 8.2.5

**Description** Multiple SQL injection vulnerabilities allow remote attackers to execute arbitrary SQL commands. Request data reaches SQL queries unsanitized through a number of parameters to different PHP files: the `id` parameter to "/addressbook/register/delete_user.php", "/addressbook/register/edit_user.php", or "/addressbook/register/edit_user_save.php"; the `email` parameter to "/addressbook/register/edit_user_save.php", "/addressbook/register/reset_password.php", "/addressbook/register/reset_password_save.php", or "/addressbook/register/user_add_save.php"; the `username` parameter to "/addressbook/register/checklogin.php" or "/addressbook/register/reset_password_save.php"; the `lastname`, `firstname`, `phone`, `permissions`, or `notes` parameter to "/addressbook/register/edit_user_save.php"; the `q` parameter to "/addressbook/register/admin_index.php"; the `site` parameter to "/addressbook/register/linktick.php"; the `password` parameter to "/addressbook/register/reset_password.php"; the `password_hint` parameter to "/addressbook/register/reset_password_save.php"; the `var` parameter to "/addressbook/register/traffic.php"; or a `BasicLogin` cookie to "/addressbook/register/router.php". Note that the `BasicLogin` cookie and the `username`/`password` parameters to the login and password-reset scripts are reachable before authentication, so an unauthenticated attacker has injection points as well.

**Recommendations** For PHP Address Book version 8.2.5, restrict access to the affected scripts under "/addressbook/register/" (for example with web-server access control limited to trusted networks or authenticated administrators) until a fixed release is available. As a temporary workaround, add input validation for the `id`, `email`, `username`, `lastname`, `firstname`, `phone`, `permissions`, `notes`, `q`, `site`, `password`, `password_hint`, and `var` parameters, as well as for the `BasicLogin` cookie: accept only the expected type (an integer for `id`, a syntactically valid address for `email`, a fixed set of values for `permissions`) and reject everything else. Validation alone is not a durable fix for free-text fields such as `notes`; the proper remediation is to stop building SQL by string concatenation and pass every request-supplied value, cookies included, to the database as a bound parameter of a prepared statement.
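The pattern behind every entry in the list above is the same: a request value is spliced into a query string. The following is an added example, not PHP Address Book's own code, showing that pattern for a "delete by id" script next to the hardened form the recommendations call for. The table name `users`, the column `login_token`, and the PDO/mysqli handles are assumptions made for the illustration.

```php
<?php
// Added example (not the project's code). Assumed schema: a `users` table
// with integer `id`, text `lastname`/`notes`, and a `login_token` column.

// --- Vulnerable pattern: request data concatenated into SQL ---------------
// A request such as  delete_user.php?id=1%20OR%201=1  turns the WHERE clause
// into  WHERE id = 1 OR 1=1  and deletes every row in the table.
function deleteUserVulnerable(mysqli $db, array $get): bool
{
    $sql = "DELETE FROM users WHERE id = " . $get['id'];
    return $db->query($sql) !== false;
}

// --- Hardened pattern: validate the type, then bind the value -------------
function deleteUserSafe(PDO $db, array $get): bool
{
    // `id` is an integer key; reject anything else before it reaches SQL.
    $id = filter_var($get['id'] ?? null, FILTER_VALIDATE_INT,
                     ['options' => ['min_range' => 1]]);
    if ($id === false) {
        throw new InvalidArgumentException('id must be a positive integer');
    }
    $stmt = $db->prepare('DELETE FROM users WHERE id = :id');
    $stmt->bindValue(':id', $id, PDO::PARAM_INT);
    return $stmt->execute();
}

// Free-text fields (lastname, notes, ...) cannot be reduced to an integer,
// but binding still keeps their content out of the SQL grammar entirely.
function updateUserSafe(PDO $db, array $post): bool
{
    $id = filter_var($post['id'] ?? null, FILTER_VALIDATE_INT,
                     ['options' => ['min_range' => 1]]);
    if ($id === false) {
        throw new InvalidArgumentException('id must be a positive integer');
    }
    $stmt = $db->prepare(
        'UPDATE users SET lastname = :lastname, notes = :notes WHERE id = :id'
    );
    $stmt->bindValue(':lastname', (string)($post['lastname'] ?? ''), PDO::PARAM_STR);
    $stmt->bindValue(':notes',    (string)($post['notes'] ?? ''),    PDO::PARAM_STR);
    $stmt->bindValue(':id',       $id,                               PDO::PARAM_INT);
    return $stmt->execute();
}

// A cookie is just another attacker-controlled string: the BasicLogin value
// must be bound exactly like a GET/POST parameter, never concatenated.
function lookupByLoginCookie(PDO $db, array $cookie): ?array
{
    $stmt = $db->prepare(
        'SELECT id, permissions FROM users WHERE login_token = :tok'
    );
    $stmt->bindValue(':tok', (string)($cookie['BasicLogin'] ?? ''), PDO::PARAM_STR);
    $stmt->execute();
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

// Connection setup: real server-side prepares, not client-side emulation,
// so the driver never rebuilds the query text from the bound values.
function connect(string $dsn, string $user, string $pass): PDO
{
    $db = new PDO($dsn, $user, $pass);
    $db->setAttribute(PDO::ATTR_EMULATE_PREPARES, false);
    $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    return $db;
}
```

Two points a practitioner should take from this. First, `FILTER_VALIDATE_INT` on `id` is the "input validation" the recommendations mention, and it is sufficient on its own only for parameters whose legal values are a closed type; `notes` or `lastname` have no such type, which is why the bound statement, not the validation, is the actual fix. Second, `ATTR_EMULATE_PREPARES` must be off for the MySQL driver, otherwise PDO interpolates the bound values client-side and the protection rests on the driver's quoting rather than on the server treating data and query separately.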