VYPR

Webstatcaffe

by Gonafish

CVEs (2)

  • CVE-2009-4717Mar 15, 2010
    risk 0.03cvss epss 0.01

    Multiple cross-site scripting (XSS) vulnerabilities in Gonafish WebStatCaffe allow remote attackers to inject arbitrary web script or HTML via the (1) host parameter to stat/host.php, nodayshow parameter to (2) mostvisitpage.php and (3) visitorduration.php in stat/, (4)…

  • CVE-2009-4718Mar 15, 2010
    risk 0.00cvss epss 0.01

    SQL injection vulnerability in visitorduration.php in Gonafish WebStatCaffe allows remote attackers to execute arbitrary SQL commands via the nodayshow parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.