2 matches found
CVE-2017-18291
An issue was discovered in PvPGN Stats 2.4.6. SQL Injection exists in ladder/stats.php via the GET user parameter...
CVE-2017-18291
The CVE-2017-18291 issue affects PvPGN Stats 2.4.6, where the ladder/stats.php script is vulnerable to SQL injection via the GET parameter user due to failure to filter database queries. This vulnerability can lead to unauthorized access to the PvPGN database (including email, username and passwo...