Vulnerabilities > ASP Stats Generator
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-07-13 | CVE-2006-3580 | SQL Injection vulnerability in ASP Stats Generator Pages.ASP SQL injection vulnerability in pages.asp in ASP Stats Generator before 2.1.2 allows remote attackers to execute arbitrary SQL commands via the order parameter. | 7.5 |
2006-06-23 | CVE-2006-3184 | Remote Security vulnerability in Asp Stats Generator Direct static code injection vulnerability in ASP Stats Generator before 2.1.2 allows remote authenticated attackers to execute arbitrary ASP code via the strAsgSknPageBgColour parameter to settings_skin.asp, which is stored in inc_skin_file.asp. | 4.0 |