Unrated severityNVD Advisory· Published Aug 1, 2006· Updated Apr 16, 2026
CVE-2006-3959
CVE-2006-3959
Description
SQL injection vulnerability in protect.php in X-Scripts X-Protection 1.10, with magic_quotes_gpc disabled, allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameter.
Affected products
1- cpe:2.3:a:x-scripts:x-statistics:1.10:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
6News mentions
0No linked articles in our index yet.