2 matches found
CVE-2006-2253
CVE-2006-2253 corresponds to a PHP remote file inclusion vulnerability in Statit 4 (060207), specifically in visible_count_inc.php. The flaw allows remote attackers to execute arbitrary PHP code by supplying a URL in the statitpath parameter. The NVD and related records confirm the impact as arbi...
CVE-2012-5341
CVE-2012-5341 affects Otterware StatIt 4, where statistik.php is vulnerable to XSS via (1) action, (2) show in stat_tld, or (3) order in stat_abfragen, allowing remote script/HTML injection. Exploitation details are not provided in the supplied documents; no remediation is listed here.