SQL injection vulnerability in ArcadeBuilder Game Portal Manager 1.7 allows remote attackers to execute arbitrary SQL commands via a usercookie cookie.