Filtered by vendor Pvpgn
Subscribe
Total
7 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2017-18291 | 1 Pvpgn | 1 Stats | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
An issue was discovered in PvPGN Stats 2.4.6. SQL Injection exists in ladder/stats.php via the GET user parameter. | |||||
CVE-2017-18290 | 1 Pvpgn | 1 Stats | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
An issue was discovered in PvPGN Stats 2.4.6. SQL Injection exists in ladder/stats.php via the GET sort_direction parameter. | |||||
CVE-2017-18289 | 1 Pvpgn | 1 Stats | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
An issue was discovered in PvPGN Stats 2.4.6. SQL Injection exist in ladder/stats.php via the GET type parameter. | |||||
CVE-2017-18288 | 1 Pvpgn | 1 Stats | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
An issue was discovered in PvPGN Stats 2.4.6. SQL Injection exists in ladder/stats.php via the GET game parameter. | |||||
CVE-2017-18287 | 1 Pvpgn | 1 Stats | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
An issue was discovered in PvPGN Stats 2.4.6. SQL Injection exists in ladder/stats.php via the POST user_search parameter. | |||||
CVE-2008-5370 | 1 Pvpgn | 1 Pvpgn | 2024-11-21 | 6.9 MEDIUM | N/A |
pvpgn-support-installer in pvpgn 1.8.1 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/pvpgn-support-1.0.tar.gz temporary file. | |||||
CVE-2004-2705 | 1 Pvpgn | 1 Pvpgn | 2024-11-20 | 5.0 MEDIUM | N/A |
Unspecified vulnerability in Player vs. Player Gaming Network (PvPGN) before 1.6.4 allows remote attackers to obtain attributes of arbitrary accounts, including the password hash, via certain statsreq packets. |