CVE-2006-1234

Name of the Vulnerable Software and Affected Versions DSCounter version 1.2

Description The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the HTTP X FORWARDED FOR environment variable in an HTTP header, specifically the X-Forwarded-For field, when magic quotes gpc is disabled.

Recommendations For DSCounter version 1.2, consider disabling the use of the HTTP X FORWARDED FOR environment variable until a patch is available, or enable magic quotes gpc to mitigate the risk of SQL injection.