CVE-2009-1347

2009-04-20T14:30:00
ID CVE-2009-1347
Type cve
Reporter cve@mitre.org
Modified 2017-09-29T01:34:00

Description

Multiple SQL injection vulnerabilities in stats/index.php in chCounter 3.1.3 allow remote attackers to execute arbitrary SQL commands via (1) the login_name parameter (aka the username field) or (2) the login_pw parameter (aka the password field).