Pvpgn
Products
2- 5 CVEs
- 2 CVEs
Recent CVEs
7| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-18291 | Cri | 0.64 | 9.8 | 0.01 | Jun 12, 2018 | An issue was discovered in PvPGN Stats 2.4.6. SQL Injection exists in ladder/stats.php via the GET user parameter. | ||
| CVE-2017-18290 | Cri | 0.64 | 9.8 | 0.01 | Jun 12, 2018 | An issue was discovered in PvPGN Stats 2.4.6. SQL Injection exists in ladder/stats.php via the GET sort_direction parameter. | ||
| CVE-2017-18289 | Cri | 0.64 | 9.8 | 0.01 | Jun 12, 2018 | An issue was discovered in PvPGN Stats 2.4.6. SQL Injection exist in ladder/stats.php via the GET type parameter. | ||
| CVE-2017-18288 | Cri | 0.64 | 9.8 | 0.01 | Jun 12, 2018 | An issue was discovered in PvPGN Stats 2.4.6. SQL Injection exists in ladder/stats.php via the GET game parameter. | ||
| CVE-2017-18287 | Cri | 0.64 | 9.8 | 0.01 | Jun 12, 2018 | An issue was discovered in PvPGN Stats 2.4.6. SQL Injection exists in ladder/stats.php via the POST user_search parameter. | ||
| CVE-2008-5370 | 0.00 | — | 0.00 | Dec 8, 2008 | pvpgn-support-installer in pvpgn 1.8.1 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/pvpgn-support-1.0.tar.gz temporary file. | |||
| CVE-2004-2705 | 0.00 | — | 0.01 | Dec 31, 2004 | Unspecified vulnerability in Player vs. Player Gaming Network (PvPGN) before 1.6.4 allows remote attackers to obtain attributes of arbitrary accounts, including the password hash, via certain statsreq packets. |
- risk 0.64cvss 9.8epss 0.01
An issue was discovered in PvPGN Stats 2.4.6. SQL Injection exists in ladder/stats.php via the GET user parameter.
- risk 0.64cvss 9.8epss 0.01
An issue was discovered in PvPGN Stats 2.4.6. SQL Injection exists in ladder/stats.php via the GET sort_direction parameter.
- risk 0.64cvss 9.8epss 0.01
An issue was discovered in PvPGN Stats 2.4.6. SQL Injection exist in ladder/stats.php via the GET type parameter.
- risk 0.64cvss 9.8epss 0.01
An issue was discovered in PvPGN Stats 2.4.6. SQL Injection exists in ladder/stats.php via the GET game parameter.
- risk 0.64cvss 9.8epss 0.01
An issue was discovered in PvPGN Stats 2.4.6. SQL Injection exists in ladder/stats.php via the POST user_search parameter.
- CVE-2008-5370Dec 8, 2008risk 0.00cvss —epss 0.00
pvpgn-support-installer in pvpgn 1.8.1 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/pvpgn-support-1.0.tar.gz temporary file.
- CVE-2004-2705Dec 31, 2004risk 0.00cvss —epss 0.01
Unspecified vulnerability in Player vs. Player Gaming Network (PvPGN) before 1.6.4 allows remote attackers to obtain attributes of arbitrary accounts, including the password hash, via certain statsreq packets.