25 matches found
CVE-2009-4717
Multiple cross-site scripting XSS vulnerabilities in Gonafish WebStatCaffe allow remote attackers to inject arbitrary web script or HTML via the 1 host parameter to stat/host.php, nodayshow parameter to 2 mostvisitpage.php and 3 visitorduration.php in stat/, 4 nopagesmost parameter to...
EUVD-2009-4682
Malware in sbrugna...
EUVD-2009-4681
Malware in sbrugna...
CVE-2009-4718
SQL injection vulnerability in visitorduration.php in Gonafish WebStatCaffe allows remote attackers to execute arbitrary SQL commands via the nodayshow parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
CVE-2009-4717
Multiple cross-site scripting XSS vulnerabilities in Gonafish WebStatCaffe allow remote attackers to inject arbitrary web script or HTML via the 1 host parameter to stat/host.php, nodayshow parameter to 2 mostvisitpage.php and 3 visitorduration.php in stat/, 4 nopagesmost parameter to...
CVE-2009-4718
SQL injection vulnerability in visitorduration.php in Gonafish WebStatCaffe allows remote attackers to execute arbitrary SQL commands via the nodayshow parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in Gonafish WebStatCaffe allow remote attackers to inject arbitrary web script or HTML via the 1 host parameter to stat/host.php, nodayshow parameter to 2 mostvisitpage.php and 3 visitorduration.php in stat/, 4 nopagesmost parameter to...
Sql injection
SQL injection vulnerability in visitorduration.php in Gonafish WebStatCaffe allows remote attackers to execute arbitrary SQL commands via the nodayshow parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
CVE-2009-4718
CVE-2009-4718 affects Gonafish WebStatCaffe: SQL injection in visitorduration.php via the nodayshow parameter. This allows remote attackers to execute arbitrary SQL commands. Severity is high (CVSS v2 base 7.5). No remediation details are provided in the connected documents; exploitation status a...
CVE-2009-4718
SQL injection vulnerability in visitorduration.php in Gonafish WebStatCaffe allows remote attackers to execute arbitrary SQL commands via the nodayshow parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
CVE-2009-4717
CVE-2009-4717 affects Gonafish WebStatCaffe. The issue is multiple cross-site scripting (XSS) vulnerabilities that allow remote attackers to inject arbitrary web script or HTML via parameters in stat/: host.php (host), mostvisitpage.php and visitorduration.php (nodayshow), stat/mostvisitpagechart...
CVE-2009-4717
Multiple cross-site scripting XSS vulnerabilities in Gonafish WebStatCaffe allow remote attackers to inject arbitrary web script or HTML via the 1 host parameter to stat/host.php, nodayshow parameter to 2 mostvisitpage.php and 3 visitorduration.php in stat/, 4 nopagesmost parameter to...
WebStatCaffe - statpageviewerschart.php?date Cross-Site Scripting
WebStatCaffe - statpageviewerschart.php?date Cross-Site Scripting source: https://www.securityfocus.com/bid/43339/info Gonafish WebStatCaffe is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues t...
WebStatCaffe - statvisitorduration.php?nodayshow Cross-Site Scripting
WebStatCaffe - statvisitorduration.php?nodayshow Cross-Site Scripting source: https://www.securityfocus.com/bid/43339/info Gonafish WebStatCaffe is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issu...
WebStatCaffe - '/stat/pageviewerschart.php?date' Cross-Site Scripting
source: https://www.securityfocus.com/bid/43339/info Gonafish WebStatCaffe is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting...
WebStatCaffe - '/stat/mostvisitpage.php?nodayshow' Cross-Site Scripting
source: https://www.securityfocus.com/bid/43339/info Gonafish WebStatCaffe is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting...
WebStatCaffe - '/stat/referer.php?date' Cross-Site Scripting
source: https://www.securityfocus.com/bid/43339/info Gonafish WebStatCaffe is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting...
WebStatCaffe - statmostvisitpage.php?nodayshow Cross-Site Scripting
WebStatCaffe - statmostvisitpage.php?nodayshow Cross-Site Scripting source: https://www.securityfocus.com/bid/43339/info Gonafish WebStatCaffe is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues...
WebStatCaffe - '/stat/visitorduration.php?nodayshow' Cross-Site Scripting
source: https://www.securityfocus.com/bid/43339/info Gonafish WebStatCaffe is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting...
WebStatCaffe - statreferer.php?date Cross-Site Scripting
WebStatCaffe - statreferer.php?date Cross-Site Scripting source: https://www.securityfocus.com/bid/43339/info Gonafish WebStatCaffe is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute...