2 matches found
CVE-2006-2972
CVE-2006-2972 concerns Arantius Vice Stats (versions 0.5b and 1.0). The vulnerability is a SQL injection in vs_resource.php that lets remote attackers execute arbitrary SQL commands via the ID parameter. This is a persistent risk to data integrity and confidentiality for affected installations, a...
CVE-2006-2981
Arantius Vice Stats is affected by SQL injection in multiple PHP files. CVE-2006-2981 affects vs_search.php (Vice Stats before 1.0.1), enabling remote SQL commands via unknown vectors; CVE-2006-2972 affects vs_resource.php (versions 0.5b and 1.0) via the ID parameter. Root cause in the PHP code a...