CVE-2010-10010
- EPSS 0.08%
- Veröffentlicht 01.06.2023 05:15:09
- Zuletzt bearbeitet 21.11.2024 01:13:24
A vulnerability classified as problematic has been found in Stars Alliance PsychoStats up to 3.2.2a. This affects an unknown part of the file upload/admin/login.php. The manipulation of the argument ref leads to cross site scripting. It is possible t...
CVE-2013-3721
- EPSS 0.44%
- Veröffentlicht 31.05.2013 12:20:25
- Zuletzt bearbeitet 11.04.2025 00:51:21
SQL injection vulnerability in awards.php in PsychoStats 3.2.2b allows remote attackers to execute arbitrary SQL commands via the d parameter.
CVE-2008-6422
- EPSS 0.65%
- Veröffentlicht 06.03.2009 18:30:00
- Zuletzt bearbeitet 09.04.2025 00:30:58
Multiple SQL injection vulnerabilities in PsychoStats 2.3, 2.3.1, and 2.3.3 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) weapon.php and (2) map.php.
CVE-2007-2914
- EPSS 0.79%
- Veröffentlicht 30.05.2007 10:30:00
- Zuletzt bearbeitet 09.04.2025 00:30:58
Multiple cross-site scripting (XSS) vulnerabilities in PsychoStats 3.0.6b allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to (1) awards.php, (2) login.php, (3) register.php, (4) weapons.php, and possibly other unspecif...
- EPSS 10.59%
- Veröffentlicht 21.05.2007 23:30:00
- Zuletzt bearbeitet 09.04.2025 00:30:58
PsychoStats 3.0.6b and earlier allows remote attackers to obtain sensitive information via a request for server.php with a missing or invalid newtheme parameter, which reveals a path in an error message.
CVE-2004-1417
- EPSS 0.89%
- Veröffentlicht 31.12.2004 05:00:00
- Zuletzt bearbeitet 03.04.2025 01:03:51
Cross-site scripting (XSS) vulnerability in login.php in PsychoStats 2.2.4 Beta and earlier allows remote attackers to inject arbitrary web script or HTML via the login parameter.