VYPR

Asp Stats Generator

by Asp Stats Generator

CVEs (2)

  • CVE-2006-3580Jul 13, 2006
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in pages.asp in ASP Stats Generator before 2.1.2 allows remote attackers to execute arbitrary SQL commands via the order parameter.

  • CVE-2006-3184Jun 23, 2006
    risk 0.03cvss epss 0.02

    Direct static code injection vulnerability in ASP Stats Generator before 2.1.2 allows remote authenticated attackers to execute arbitrary ASP code via the strAsgSknPageBgColour parameter to settings_skin.asp, which is stored in inc_skin_file.asp.