RSS   Vulnerabilities for 'X-statistics'   RSS

2006-08-01
 
CVE-2006-3959

 

 
SQL injection vulnerability in protect.php in X-Scripts X-Protection 1.10, with magic_quotes_gpc disabled, allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameter.

 
 
CVE-2006-3950

 

 
SQL injection vulnerability in x-statistics.php in X-Scripts X-Statistics 1.20 allows remote attackers to execute arbitrary SQL commands via the User-Agent HTTP header.

 

 >>> Vendor: X-scripts 2 Products
X-poll
X-statistics


Copyright 2024, cxsecurity.com

 

Back to Top