Pilotgroup : Security Vulnerabilities, CVEs,
PG All Share Video 1.0 allows SQL Injection via the PATH_INFO to search/tag, friends/index, users/profile, or video_catalog/category.
Max CVSS
9.8
EPSS Score
0.22%
Published
2017-10-29
Updated
2017-11-16
Cross-site scripting (XSS) vulnerability in subscribe.php in Pilot Group (PG) eLMS Pro allows remote attackers to inject arbitrary web script or HTML via the course_id parameter.
Max CVSS
4.3
EPSS Score
0.22%
Published
2010-06-21
Updated
2017-08-17
Cross-site scripting (XSS) vulnerability in error.php in Pilot Group (PG) eLMS Pro allows remote attackers to inject arbitrary web script or HTML via the message parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Max CVSS
4.3
EPSS Score
0.22%
Published
2010-06-21
Updated
2017-08-17
SQL injection vulnerability in subscribe.php in Pilot Group (PG) eLMS Pro allows remote attackers to execute arbitrary SQL commands via the course_id parameter.
Max CVSS
7.5
EPSS Score
0.28%
Published
2010-06-21
Updated
2017-08-17
Multiple cross-site scripting (XSS) vulnerabilities in Pilot Group (PG) eTraining allow remote attackers to inject arbitrary web script or HTML via (1) the cat_id parameter to courses_login.php, the id parameter to (2) news_read.php or (3) lessons_login.php, or (4) the cur parameter in a start action to lessons_login.php.
Max CVSS
4.3
EPSS Score
0.20%
Published
2009-10-01
Updated
2017-08-17
SQL injection vulnerability in homepage.php in PG Job Site Pro allows remote attackers to execute arbitrary SQL commands via the poll_view_id parameter in a results action.
Max CVSS
7.5
EPSS Score
0.09%
Published
2009-02-11
Updated
2017-09-29
6 vulnerabilities found