Show filters
42 Total Results
Displaying 11-20 of 42
Sort by:
Attacker Value
Unknown
CVE-2009-3966
Disclosure Date: November 18, 2009 (last updated October 04, 2023)
Arcade Trade Script 1.0 allows remote attackers to bypass authentication and gain administrative access by setting the adminLoggedIn cookie to true.
0
Attacker Value
Unknown
CVE-2009-3973
Disclosure Date: November 18, 2009 (last updated October 04, 2023)
SQL injection vulnerability in index.php in Turnkey Arcade Script allows remote attackers to execute arbitrary SQL commands via the id parameter in a browse action, a different vector than CVE-2008-5629.
0
Attacker Value
Unknown
CVE-2009-2775
Disclosure Date: August 14, 2009 (last updated October 04, 2023)
SQL injection vulnerability in linkout.php in PHPArcadeScript (PHP Arcade Script) 4.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.
0
Attacker Value
Unknown
CVE-2009-2771
Disclosure Date: August 14, 2009 (last updated October 04, 2023)
Cross-site scripting (XSS) vulnerability in Free Arcade Script 1.3 allows remote attackers to inject arbitrary web script or HTML via the keyword parameter to the default URI under search/.
0
Attacker Value
Unknown
CVE-2009-2289
Disclosure Date: July 01, 2009 (last updated October 04, 2023)
Cross-site scripting (XSS) vulnerability in index.php in Arcade Trade Script 1.0 beta allows remote attackers to inject arbitrary web script or HTML via the q parameter in a gamelist action.
0
Attacker Value
Unknown
CVE-2009-1228
Disclosure Date: April 02, 2009 (last updated October 04, 2023)
Cross-site scripting (XSS) vulnerability in register.php in Arcadwy Arcade Script CMS allows remote attackers to inject arbitrary web script or HTML via the username field (user_name parameter).
0
Attacker Value
Unknown
CVE-2009-1229
Disclosure Date: April 02, 2009 (last updated October 04, 2023)
SQL injection vulnerability in Arcadwy Arcade Script allows remote attackers to execute arbitrary SQL commands via the user cookie parameter.
0
Attacker Value
Unknown
CVE-2009-0731
Disclosure Date: February 24, 2009 (last updated October 04, 2023)
Directory traversal vulnerability in pages/play.php in Free Arcade Script 1.0 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the template parameter.
0
Attacker Value
Unknown
CVE-2008-6040
Disclosure Date: February 03, 2009 (last updated October 04, 2023)
SQL injection vulnerability in index.php in Arcadem Pro 2.700 through 2.802 allows remote attackers to execute arbitrary SQL commands via the articlecat parameter, probably related to includes/articleblock.php.
0
Attacker Value
Unknown
CVE-2008-5629
Disclosure Date: December 17, 2008 (last updated October 04, 2023)
SQL injection vulnerability in index.php in Turnkey Arcade Script allows remote attackers to execute arbitrary SQL commands via the id parameter in a play action.
0
