VYPR

Etraining

by Pilotgroup

CVEs (2)

  • CVE-2009-3513Oct 1, 2009
    risk 0.03cvss epss 0.01

    Multiple cross-site scripting (XSS) vulnerabilities in Pilot Group (PG) eTraining allow remote attackers to inject arbitrary web script or HTML via (1) the cat_id parameter to courses_login.php, the id parameter to (2) news_read.php or (3) lessons_login.php, or (4) the cur…

  • CVE-2008-4709Oct 23, 2008
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in news_read.php in Pilot Group (PG) eTraining allows remote attackers to execute arbitrary SQL commands via the id parameter.