Hanicker

Name of the Vulnerable Software and Affected Versions: PHP-Stats version 0.1.9.2 Description: A cross-site scripting (XSS) issue exists, allowing remote attackers to inject arbitrary web script or HTML via the `ip` parameter in an online action. Recommendations: For PHP-Stats version 0.1.9.2, avoid using the `ip` parameter in the tracking.php file until a fix is available. As a temporary workaround, consider validating and sanitizing user input to prevent malicious script injections.