CVE-2007-2812

Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
22/05/2007
Last modified:
09/04/2025

Description

Cross-site scripting (XSS) vulnerability in hlstats.php in HLstats 1.35, and possibly earlier, allows remote attackers to inject arbitrary web script or HTML via (1) the PATH_INFO or (2) the action parameter.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:hlstats:hlstats:*:*:*:*:*:*:*:* 1.35 (including)