2 matches found
CVE-2009-4717
CVE-2009-4717 affects Gonafish WebStatCaffe. The issue is multiple cross-site scripting (XSS) vulnerabilities that allow remote attackers to inject arbitrary web script or HTML via parameters in stat/: host.php (host), mostvisitpage.php and visitorduration.php (nodayshow), stat/mostvisitpagechart...
CVE-2009-4718
CVE-2009-4718 affects Gonafish WebStatCaffe: SQL injection in visitorduration.php via the nodayshow parameter. This allows remote attackers to execute arbitrary SQL commands. Severity is high (CVSS v2 base 7.5). No remediation details are provided in the connected documents; exploitation status a...