Vendor
Pilotgroup
Products
4
CVEs
6
Across products
6
Status
Private
Products
4- 3 CVEs
- 1 CVE
- 1 CVE
- 1 CVE
Recent CVEs
6| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2017-15969 | Cri | 0.67 | 9.8 | 0.02 | Oct 29, 2017 | PG All Share Video 1.0 allows SQL Injection via the PATH_INFO to search/tag, friends/index, users/profile, or video_catalog/category. | |
| CVE-2010-2356 | 0.03 | — | 0.01 | Jun 21, 2010 | Cross-site scripting (XSS) vulnerability in subscribe.php in Pilot Group (PG) eLMS Pro allows remote attackers to inject arbitrary web script or HTML via the course_id parameter. | ||
| CVE-2010-2355 | 0.03 | — | 0.00 | Jun 21, 2010 | Cross-site scripting (XSS) vulnerability in error.php in Pilot Group (PG) eLMS Pro allows remote attackers to inject arbitrary web script or HTML via the message parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||
| CVE-2010-2354 | 0.03 | — | 0.01 | Jun 21, 2010 | SQL injection vulnerability in subscribe.php in Pilot Group (PG) eLMS Pro allows remote attackers to execute arbitrary SQL commands via the course_id parameter. | ||
| CVE-2009-3513 | 0.03 | — | 0.00 | Oct 1, 2009 | Multiple cross-site scripting (XSS) vulnerabilities in Pilot Group (PG) eTraining allow remote attackers to inject arbitrary web script or HTML via (1) the cat_id parameter to courses_login.php, the id parameter to (2) news_read.php or (3) lessons_login.php, or (4) the cur parameter in a start action to lessons_login.php. | ||
| CVE-2008-6117 | 0.03 | — | 0.01 | Feb 11, 2009 | SQL injection vulnerability in homepage.php in PG Job Site Pro allows remote attackers to execute arbitrary SQL commands via the poll_view_id parameter in a results action. |