CVE-2010-10010
- EPSS 0.49%
- Veröffentlicht 01.06.2023 05:15:09
- Zuletzt bearbeitet 21.11.2024 01:13:24
A vulnerability classified as problematic has been found in Stars Alliance PsychoStats up to 3.2.2a. This affects an unknown part of the file upload/admin/login.php. The manipulation of the argument ref leads to cross site scripting. It is possible t...
CVE-2013-3721
- EPSS 2.28%
- Veröffentlicht 31.05.2013 12:20:25
- Zuletzt bearbeitet 29.04.2026 01:13:23
SQL injection vulnerability in awards.php in PsychoStats 3.2.2b allows remote attackers to execute arbitrary SQL commands via the d parameter.
CVE-2008-6422
- EPSS 1.15%
- Veröffentlicht 06.03.2009 18:30:00
- Zuletzt bearbeitet 16.06.2026 23:02:12
Multiple SQL injection vulnerabilities in PsychoStats 2.3, 2.3.1, and 2.3.3 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) weapon.php and (2) map.php.
CVE-2007-2914
- EPSS 1.53%
- Veröffentlicht 30.05.2007 10:30:00
- Zuletzt bearbeitet 16.06.2026 22:40:41
Multiple cross-site scripting (XSS) vulnerabilities in PsychoStats 3.0.6b allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to (1) awards.php, (2) login.php, (3) register.php, (4) weapons.php, and possibly other unspecif...
- EPSS 3.02%
- Veröffentlicht 21.05.2007 23:30:00
- Zuletzt bearbeitet 16.06.2026 22:40:18
PsychoStats 3.0.6b and earlier allows remote attackers to obtain sensitive information via a request for server.php with a missing or invalid newtheme parameter, which reveals a path in an error message.
CVE-2004-1417
- EPSS 1.93%
- Veröffentlicht 31.12.2004 05:00:00
- Zuletzt bearbeitet 16.06.2026 22:07:39
Cross-site scripting (XSS) vulnerability in login.php in PsychoStats 2.2.4 Beta and earlier allows remote attackers to inject arbitrary web script or HTML via the login parameter.