Lucene search

Pvpgn Security Vulnerabilities

cve

CVE-2004-2705

Unspecified vulnerability in Player vs. Player Gaming Network (PvPGN) before 1.6.4 allows remote attackers to obtain attributes of arbitrary accounts, including the password hash, via certain statsreq packets.

6.9AI Score

0.009EPSS

2007-10-06 09:00 PM

cve

CVE-2008-5370

pvpgn-support-installer in pvpgn 1.8.1 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/pvpgn-support-1.0.tar.gz temporary file.

6.3AI Score

0.0004EPSS

2022-10-03 04:13 PM

cve

CVE-2017-18287

An issue was discovered in PvPGN Stats 2.4.6. SQL Injection exists in ladder/stats.php via the POST user_search parameter.

9.8CVSS

9.8AI Score

0.002EPSS

2022-10-03 04:23 PM

cve

CVE-2017-18288

An issue was discovered in PvPGN Stats 2.4.6. SQL Injection exists in ladder/stats.php via the GET game parameter.

9.8CVSS

9.8AI Score

0.002EPSS

2022-10-03 04:23 PM

cve

CVE-2017-18289

An issue was discovered in PvPGN Stats 2.4.6. SQL Injection exist in ladder/stats.php via the GET type parameter.

9.8CVSS

9.8AI Score

0.002EPSS

2022-10-03 04:23 PM

cve

CVE-2017-18290

An issue was discovered in PvPGN Stats 2.4.6. SQL Injection exists in ladder/stats.php via the GET sort_direction parameter.

9.8CVSS

9.8AI Score

0.002EPSS

2022-10-03 04:23 PM

cve

CVE-2017-18291

An issue was discovered in PvPGN Stats 2.4.6. SQL Injection exists in ladder/stats.php via the GET user parameter.

9.8CVSS

9.8AI Score

0.002EPSS

2022-10-03 04:23 PM