RSS   Vulnerabilities for 'Av arcade'   RSS

2007-07-09
 
CVE-2007-3643

CWE-Other
 

 
admin/index.php in AV Arcade 2.1b grants administrative privileges when the ava_userid cookie value is 1, which allows remote attackers to perform certain administrative actions.

 
2007-07-04
 
CVE-2007-3563

CWE-89
 

 
SQL injection vulnerability in includes/view_page.php in AV Arcade 2.1b allows remote attackers to execute arbitrary SQL commands via the id parameter in a view_page action to index.php.

 

 >>> Vendor: Av scripts 2 Products
Av arcade
Av tutorial script


Copyright 2024, cxsecurity.com

 

Back to Top