CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

No description provided by source. source: http://www.securityfocus.com/bid/32430/info Pilot Group PG Roommate is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to...

7.1AI score

Exploits0

seebug.org•added 2014/07/01 12:0 a.m.•17 views

Pilot Group eTraining lessons_login.php Multiple Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/35834/info PG eTraining is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in the...

7.1AI score

Exploits0

seebug.org•added 2014/07/01 12:0 a.m.•11 views

Pilot Group eTraining news_read.php id Parameter XSS

7.1AI score

Exploits0

seebug.org•added 2014/07/01 12:0 a.m.•22 views

Pilot Group eTraining courses_login.php cat_id Parameter XSS

7.1AI score

Exploits0

NVD•added 2010/06/21 8:30 p.m.•17 views

CVE-2010-2356

Cross-site scripting XSS vulnerability in subscribe.php in Pilot Group PG eLMS Pro allows remote attackers to inject arbitrary web script or HTML via the courseid parameter...

4.3CVSS5.7AI score0.02271EPSS

Exploits1References4

NVD•added 2010/06/21 8:30 p.m.•13 views

CVE-2010-2355

Cross-site scripting XSS vulnerability in error.php in Pilot Group PG eLMS Pro allows remote attackers to inject arbitrary web script or HTML via the message parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

4.3CVSS5.6AI score0.00327EPSS

Exploits0References4

Prion•added 2010/06/21 8:30 p.m.•13 views

Cross site scripting

Cross-site scripting XSS vulnerability in subscribe.php in Pilot Group PG eLMS Pro allows remote attackers to inject arbitrary web script or HTML via the courseid parameter...

4.3CVSS6.1AI score0.02271EPSS

Exploits1References4

Prion•added 2010/06/21 8:30 p.m.•11 views

Cross site scripting

4.3CVSS6AI score0.00327EPSS

Exploits0References4

Prion•added 2010/06/21 8:30 p.m.•9 views

Sql injection

SQL injection vulnerability in subscribe.php in Pilot Group PG eLMS Pro allows remote attackers to execute arbitrary SQL commands via the courseid parameter...

7.5CVSS9.1AI score0.01135EPSS

Exploits1References6

CVE•added 2010/06/21 8:0 p.m.•40 views

CVE-2010-2356

CVE-2010-2356 affects Pilot Group (PG) eLMS Pro: XSS in subscribe.php, exploitable via the course_id parameter. Root cause is reflected/script injection in the course_id handling. The NVD notes a CVSSv2 base score of 4.3 (Medium) with network attack vector, no authentication, and partial integrit...

4.3CVSS5.9AI score0.02271EPSS

Exploits1References4Affected Software1

Cvelist•added 2010/06/21 8:0 p.m.•13 views

CVE-2010-2356

Cross-site scripting XSS vulnerability in subscribe.php in Pilot Group PG eLMS Pro allows remote attackers to inject arbitrary web script or HTML via the courseid parameter...

5.7AI score0.02271EPSS

Exploits1References4

CVE•added 2010/06/21 8:0 p.m.•34 views

CVE-2010-2355

The CVE-2010-2355 entry describes a Cross-site scripting (XSS) vulnerability in error.php of Pilot Group (PG) eLMS Pro. The flaw allows remote attackers to inject arbitrary web script or HTML via the message parameter, potentially affecting any user who views the compromised page. The NVD details...

4.3CVSS5.7AI score0.00327EPSS

Exploits0References4Affected Software1

Cvelist•added 2010/06/21 8:0 p.m.•13 views

CVE-2010-2354

SQL injection vulnerability in subscribe.php in Pilot Group PG eLMS Pro allows remote attackers to execute arbitrary SQL commands via the courseid parameter...

8.4AI score0.01135EPSS

Exploits1References6

NVD•added 2009/10/01 2:30 p.m.•6 views

CVE-2009-3513

Multiple cross-site scripting XSS vulnerabilities in Pilot Group PG eTraining allow remote attackers to inject arbitrary web script or HTML via 1 the catid parameter to courseslogin.php, the id parameter to 2 newsread.php or 3 lessonslogin.php, or 4 the cur parameter in a start action to...

4.3CVSS5.8AI score0.00305EPSS

Exploits1References3

Prion•added 2009/10/01 2:30 p.m.•9 views

Cross site scripting

4.3CVSS6AI score0.00305EPSS

Exploits1References3

Cvelist•added 2009/10/01 2:0 p.m.•13 views

CVE-2009-3513

5.8AI score0.00305EPSS

Exploits1References3

exploitpack•added 2009/06/24 12:0 a.m.•11 views

Pilot Group eTraining - news_read.php Cross-Site Scripting

Pilot Group eTraining - newsread.php Cross-Site Scripting source: https://www.securityfocus.com/bid/35834/info PG eTraining is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute...

6.8AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by