CVE-2008-6260
SQL injection in Ultrastats affects index.php for versions 0.2.144 and 0.3.11, exploitable via the serverid parameter. The root cause is improper input handling in index.php enabling arbitrary SQL commands. Impact is partial confidentiality, integrity, and availability depending on the app’s DB i...