CVE-2008-4457
MemHT Portal 3.9.0 and earlier are affected by a SQL injection vulnerability in inc/inc_statistics.php. The issue arises when magic_quotes_gpc is disabled, allowing remote attackers to inject SQL via the stats_res cookie to index.php. Connected documents confirm the affected product and the vulne...