Description
Multiple SQL injection vulnerabilities in index.php in AudiStat 1.3 allow remote attackers to execute arbitrary SQL commands via the (1) year and (2) month parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Affected products
- alexandre_dubus / audistat1.3 – 1.3
References
- VENDOR_ADVISORYhttp://secunia.com/advisories/38494