Description
SQL injection vulnerability in pages.asp in ASP Stats Generator before 2.1.2 allows remote attackers to execute arbitrary SQL commands via the order parameter.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Hamid Ebadi · textwebappsasp
https://www.exploit-db.com/exploits/1931
References (6)
Core 6
Core References
Exploit, Third Party Advisory exploit
x_refsource_exploit-db
https://www.exploit-db.com/exploits/1931
Exploit x_refsource_misc
http://www.hamid.ir/security/aspstats.txt
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/20721
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/27283
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/18512
Exploit vdb-entry
x_refsource_sectrack
http://securitytracker.com/id?1016336
Scores
EPSS
0.0129
EPSS Percentile
79.7%
Details
Status
published
Products (1)
asp_stats_generator/asp_stats_generator
< 2.1.1
Published
Jul 13, 2006
Tracked Since
Feb 18, 2026