Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 14/10/2007 Updated: 29/09/2017

CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10

VMScore: 1000

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Multiple SQL injection vulnerabilities in php-stats.recjs.php in Php-Stats 0.1.9.2 allow remote malicious users to execute arbitrary SQL commands via the (1) ip or (2) t parameter.

Vulnerable Product	Search on Vulmon	Subscribe to Product
php-stats php-stats 0.1.9.2

<?php /* Php-Stats 0192 Multiple Vulnerabilities Exploit Blind SQL Injection / Remote Code Execution PoC author: EgiX mail: n0b0d13s[at]gmail[dot]com link: php-statscom/downloads details: works with magic_quotes_runtime = off [1] Blind SQL Injection in php-statsrecjsphp: 94 if(isset($_GET['ip ...

CWE-89 http://www.securityfocus.com/bid/26022 http://osvdb.org/40608 https://www.exploit-db.com/exploits/4513 https://nvd.nist.gov https://www.exploit-db.com/exploits/4513/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2007-5452

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect