Vulnerability Details CVE-2009-2289
Cross-site scripting (XSS) vulnerability in index.php in Arcade Trade Script 1.0 beta allows remote attackers to inject arbitrary web script or HTML via the q parameter in a gamelist action.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 35.2%
CVSS Severity
CVSS v2 Score 4.3
References
- http://secunia.com/advisories/35197
- http://www.davidsopas.com/2009/05/25/arcade-trade-script-xss
- http://www.securityfocus.com/archive/1/503801/100/0/threaded
- http://secunia.com/advisories/35197
- http://www.davidsopas.com/2009/05/25/arcade-trade-script-xss
- http://www.securityfocus.com/archive/1/503801/100/0/threaded
Products affected by CVE-2009-2289
-
cpe:2.3:a:arcadetradescript:arcade_trade_script:1.0_beta