Lucene search
ITSecTeamEDB-ID:12416HistoryApr 27, 2010 - 12:00 a.m.
PHP Quick Arcade 3.0.21 - Multiple Vulnerabilities
2010-04-2700:00:00
ITSecTeam
www.exploit-db.com
25
AI Score
7.4
Confidence
Low
PHP Quick Arcade 3.0.21 Multiple Vulnerabilites
-----------------------------------------------------------
#Title: PHP-Quick-Arcade 3.0.21 Multiple Vulnerabilites
#Vendor: http://quickarcade.jcink.com/
-----------------------------------------------------------
#AUTHOR: ITSecTeam
#Email: [email protected]
#Website: http://www.itsecteam.com
#Forum : http://forum.ITSecTeam.com
#Original Advisory: www.ITSecTeam.com/en/vulnerabilities/vulnerability47.htm
#Thanks: Pejvak,[email protected],r3dm0v3,am!rkh@n
-----------------------------------------------------------
# POC 1
-----------------------------------------------------------
www.Site.com/Arcade.php
Send Your Query With Cookie => phpqa_user_c
phpqa_user_c= Sql Injection
Can Use tamper data in mozila
-----------------------------------------------------------
# POC 2
-----------------------------------------------------------
This Bug Worked With Register_Global = On
www.Site.com/acpmoderate.php?id=Sql Injection
-----------------------------------------------------------
# POC 3
-----------------------------------------------------------
Cross Site Scripting (XSS)
www.Site.com/acpmoderate.php?serv=Xss CodeRelated
openvas
openvas
PHP Quick Arcade <= 3.0.21 Multiple Vulnerabilities
2010-06-21 00:00:00
PHP Quick Arcade SQL Injection and Cross Site Scripting Vulnerabilities
2010-06-21 00:00:00
cvelist
cvelist
CVE-2010-1662
2010-04-30 17:00:00
CVE-2010-1661
2010-04-30 17:00:00
nvd
nvd
CVE-2010-1662
2010-05-03 13:51:53
CVE-2010-1661
2010-05-03 13:51:53
prion
prion
Cross site scripting
2010-05-03 13:51:00
Sql injection
2010-05-03 13:51:00
cve
cve
CVE-2010-1662
2010-05-03 13:51:53
CVE-2010-1661
2010-05-03 13:51:53