VYPR
Vendor

Pilotgroup

Products
7
CVEs
9
Across products
10
Status
Private

Products

7

Recent CVEs

9
  • CVE-2017-15969CriOct 29, 2017
    risk 0.67cvss 9.8epss 0.02

    PG All Share Video 1.0 allows SQL Injection via the PATH_INFO to search/tag, friends/index, users/profile, or video_catalog/category.

  • CVE-2010-2356Jun 21, 2010
    risk 0.03cvss epss 0.01

    Cross-site scripting (XSS) vulnerability in subscribe.php in Pilot Group (PG) eLMS Pro allows remote attackers to inject arbitrary web script or HTML via the course_id parameter.

  • CVE-2010-2355Jun 21, 2010
    risk 0.03cvss epss 0.01

    Cross-site scripting (XSS) vulnerability in error.php in Pilot Group (PG) eLMS Pro allows remote attackers to inject arbitrary web script or HTML via the message parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party…

  • CVE-2010-2354Jun 21, 2010
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in subscribe.php in Pilot Group (PG) eLMS Pro allows remote attackers to execute arbitrary SQL commands via the course_id parameter.

  • CVE-2009-3513Oct 1, 2009
    risk 0.03cvss epss 0.01

    Multiple cross-site scripting (XSS) vulnerabilities in Pilot Group (PG) eTraining allow remote attackers to inject arbitrary web script or HTML via (1) the cat_id parameter to courses_login.php, the id parameter to (2) news_read.php or (3) lessons_login.php, or (4) the cur…

  • CVE-2008-6117Feb 11, 2009
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in homepage.php in PG Job Site Pro allows remote attackers to execute arbitrary SQL commands via the poll_view_id parameter in a results action.

  • CVE-2008-5307Dec 2, 2008
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in admin/index.php in PG Roommate Finder Solution allows remote attackers to execute arbitrary SQL commands via the login_lg parameter. NOTE: some of these details are obtained from third party information.

  • CVE-2008-5306Dec 2, 2008
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in admin/index.php in PG Real Estate Solution allows remote attackers to execute arbitrary SQL commands via the login_lg parameter (username). NOTE: some of these details are obtained from third party information.

  • CVE-2008-4709Oct 23, 2008
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in news_read.php in Pilot Group (PG) eTraining allows remote attackers to execute arbitrary SQL commands via the id parameter.