CVE-2006-3580
CVE-2006-3580 describes an SQL injection in pages.asp of the ASP Stats Generator before 2.1.2. Remote attackers can execute arbitrary SQL commands via the order parameter. The CVSS data (base 7.5, HIGH) indicates Potential impact to confidentiality, integrity, and availability (partial for each)....