Vulnerabilities > CVE-2006-3580 - SQL Injection vulnerability in ASP Stats Generator Pages.ASP
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
SQL injection vulnerability in pages.asp in ASP Stats Generator before 2.1.2 allows remote attackers to execute arbitrary SQL commands via the order parameter. Upgrade to version 2.1.2
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
| description | ASP Stats Generator <= 2.1.1 SQL Injection Vulnerabilities. CVE-2006-3184,CVE-2006-3580. Webapps exploit for asp platform |
| file | exploits/asp/webapps/1931.txt |
| id | EDB-ID:1931 |
| last seen | 2016-01-31 |
| modified | 2006-06-19 |
| platform | asp |
| port | |
| published | 2006-06-19 |
| reporter | Hamid Ebadi |
| source | https://www.exploit-db.com/download/1931/ |
| title | ASP Stats Generator <= 2.1.1 - SQL Injection Vulnerabilities |
| type | webapps |