Vulnerabilities > Pilotgroup > Elms PRO

DATE CVE VULNERABILITY TITLE RISK
2010-06-21 CVE-2010-2356 Cross-Site Scripting vulnerability in Pilotgroup Elms PRO
Cross-site scripting (XSS) vulnerability in subscribe.php in Pilot Group (PG) eLMS Pro allows remote attackers to inject arbitrary web script or HTML via the course_id parameter.
network
pilotgroup CWE-79
4.3
4.3
2010-06-21 CVE-2010-2355 Cross-Site Scripting vulnerability in Pilotgroup Elms PRO
Cross-site scripting (XSS) vulnerability in error.php in Pilot Group (PG) eLMS Pro allows remote attackers to inject arbitrary web script or HTML via the message parameter.
network
pilotgroup CWE-79
4.3
4.3
2010-06-21 CVE-2010-2354 SQL Injection vulnerability in Pilotgroup Elms PRO
SQL injection vulnerability in subscribe.php in Pilot Group (PG) eLMS Pro allows remote attackers to execute arbitrary SQL commands via the course_id parameter.
network
low complexity
pilotgroup CWE-89
7.5
7.5