Arcadetradescript: Security Vulnerabilities
Arcade Trade Script 1.0 allows remote attackers to bypass authentication and gain administrative access by setting the adminLoggedIn cookie to true.
CVSS Score
7.5
EPSS Score
0.012
Published
2009-11-18
Cross-site scripting (XSS) vulnerability in index.php in Arcade Trade Script 1.0 beta allows remote attackers to inject arbitrary web script or HTML via the q parameter in a gamelist action.
CVSS Score
4.3
EPSS Score
0.001
Published
2009-07-01