CVEs (2)
| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|
| CVE-2006-3184 | | 0.04 | — | 0.09 | | Jun 23, 2006 | Direct static code injection vulnerability in ASP Stats Generator before 2.1.2 allows remote authenticated attackers to execute arbitrary ASP code via the strAsgSknPageBgColour parameter to settings_skin.asp, which is stored in inc_skin_file.asp. |
| CVE-2006-3580 | | 0.03 | — | 0.01 | | Jul 13, 2006 | SQL injection vulnerability in pages.asp in ASP Stats Generator before 2.1.2 allows remote attackers to execute arbitrary SQL commands via the order parameter. |
