CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

X-Scripts: >> X-Statistics Security Vulnerabilities

CVE-2006-3950

SQL injection vulnerability in x-statistics.php in X-Scripts X-Statistics 1.20 allows remote attackers to execute arbitrary SQL commands via the User-Agent HTTP header.

CVSS Score

7.5

EPSS Score

0.009

Published

2006-08-01

CVE-2006-3959

SQL injection vulnerability in protect.php in X-Scripts X-Protection 1.10, with magic_quotes_gpc disabled, allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameter.

CVSS Score

7.5

EPSS Score

0.006

Published

2006-08-01

Page 1

Vulnerabilities

Vulnerable Software

X-Scripts: >> X-Statistics Security Vulnerabilities

Products

Pricing

Contact Us