Hlstats: >> Hlstats >> 1.20 Security Vulnerabilities
HLstats 1.20 through 1.34 allows remote attackers to obtain sensitive information via playinfo mode, with certain values of the player and playerdata[lastName][] parameters, which reveals the path in an error message.
CVSS Score
5.0
EPSS Score
0.027
Published
2006-12-28
SQL injection vulnerability in the login form in HLstats 1.20 through 1.34 allows remote attackers to execute arbitrary SQL commands via the killLimit parameter.
CVSS Score
7.5
EPSS Score
0.012
Published
2006-12-28