Dscounter

DATE	CVE	VULNERABILITY TITLE	RISK
2006-03-14	CVE-2006-1234	SQL Injection vulnerability in Dsportal Dscounter 1.2 SQL injection vulnerability in index.php in DSCounter 1.2, with magic_quotes_gpc disabled, allows remote attackers to execute arbitrary SQL commands via the X-Forwarded-For field (HTTP_X_FORWARDED_FOR environment variable) in an HTTP header. network high complexity dsportal	5.1

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.