Vulnerabilities > Psychostats
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-06-01 | CVE-2010-10010 | Cross-site Scripting vulnerability in Psychostats A vulnerability classified as problematic has been found in Stars Alliance PsychoStats up to 3.2.2a. | 6.1 |
2013-05-31 | CVE-2013-3721 | SQL Injection vulnerability in Psychostats 3.2.2B SQL injection vulnerability in awards.php in PsychoStats 3.2.2b allows remote attackers to execute arbitrary SQL commands via the d parameter. | 7.5 |
2009-03-06 | CVE-2008-6422 | SQL Injection vulnerability in Psychostats 2.3/2.3.1/2.3.3 Multiple SQL injection vulnerabilities in PsychoStats 2.3, 2.3.1, and 2.3.3 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) weapon.php and (2) map.php. | 7.5 |
2007-05-30 | CVE-2007-2914 | Cross-Site Scripting vulnerability in Psychostats 3.0.6B Multiple cross-site scripting (XSS) vulnerabilities in PsychoStats 3.0.6b allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to (1) awards.php, (2) login.php, (3) register.php, (4) weapons.php, and possibly other unspecified files. | 4.3 |
2007-05-21 | CVE-2007-2780 | Information Exposure vulnerability in Psychostats PsychoStats 3.0.6b and earlier allows remote attackers to obtain sensitive information via a request for server.php with a missing or invalid newtheme parameter, which reveals a path in an error message. | 5.0 |