CVE-2010-1498
Multiple SQL injection vulnerabilities affect the dl_stats package before version 2.0. The issue allows remote attackers to execute arbitrary SQL commands by supplying a crafted id parameter to two PHP endpoints: download.php and view_file.php. This conclusion is supported by CVE-2010-1498 record...