VYPR
Vendor

Pvpgn

Products
2
CVEs
7
Across products
7
Status
Private

Products

2

Recent CVEs

7
  • CVE-2017-18291CriJun 12, 2018
    risk 0.64cvss 9.8epss 0.01

    An issue was discovered in PvPGN Stats 2.4.6. SQL Injection exists in ladder/stats.php via the GET user parameter.

  • CVE-2017-18290CriJun 12, 2018
    risk 0.64cvss 9.8epss 0.01

    An issue was discovered in PvPGN Stats 2.4.6. SQL Injection exists in ladder/stats.php via the GET sort_direction parameter.

  • CVE-2017-18289CriJun 12, 2018
    risk 0.64cvss 9.8epss 0.01

    An issue was discovered in PvPGN Stats 2.4.6. SQL Injection exist in ladder/stats.php via the GET type parameter.

  • CVE-2017-18288CriJun 12, 2018
    risk 0.64cvss 9.8epss 0.01

    An issue was discovered in PvPGN Stats 2.4.6. SQL Injection exists in ladder/stats.php via the GET game parameter.

  • CVE-2017-18287CriJun 12, 2018
    risk 0.64cvss 9.8epss 0.01

    An issue was discovered in PvPGN Stats 2.4.6. SQL Injection exists in ladder/stats.php via the POST user_search parameter.

  • CVE-2008-5370Dec 8, 2008
    risk 0.00cvss epss 0.00

    pvpgn-support-installer in pvpgn 1.8.1 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/pvpgn-support-1.0.tar.gz temporary file.

  • CVE-2004-2705Dec 31, 2004
    risk 0.00cvss epss 0.01

    Unspecified vulnerability in Player vs. Player Gaming Network (PvPGN) before 1.6.4 allows remote attackers to obtain attributes of arbitrary accounts, including the password hash, via certain statsreq packets.