CVE-2017-18289
PvPGN Stats 2.4.6 contains an SQL injection in ladder/stats.php triggered by an unsafely handled GET type parameter. The issue is documented across multiple sources (NVD, Red Hat, CNVD, CVE listing) as a SQL injection that could allow remote attackers to access the PvPGN database, potentially exp...