CVE-2006-7172 in php-stats信息

摘要

由 VulDB • 2026-07-03

PHP-Stats 0.1.9.1b及更早版本中php-stats.recphp.php存在多个SQL注入漏洞,远程攻击者可通过(1)PC-REMOTE-ADDR HTTP头中的前导点分十进制IP地址字符串(该字符串会被插入到$_SERVER[HTTP_PC_REMOTE_ADDR]中),或(2)ip参数执行任意代码。

If you want to get best quality of vulnerability data, you may have to visit VulDB.

来源

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!