X-scripts - X-statistics CVE

Filtered by vendor X-scripts Subscribe

Filtered by product X-statistics

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2006-3950	1 X-scripts	1 X-statistics	2024-02-04	7.5 HIGH	N/A
SQL injection vulnerability in x-statistics.php in X-Scripts X-Statistics 1.20 allows remote attackers to execute arbitrary SQL commands via the User-Agent HTTP header.
CVE-2006-3959	1 X-scripts	1 X-statistics	2024-02-04	7.5 HIGH	N/A
SQL injection vulnerability in protect.php in X-Scripts X-Protection 1.10, with magic_quotes_gpc disabled, allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameter.

Vulnerabilities (CVE)