Code injection

2007-07-1001:30:00

PRIOn knowledge base

www.prio-n.com

7.3 High

AI Score

Confidence

Low

0.016 Low

EPSS

Percentile

87.4%

JSON

admin/index.php in AV Arcade 2.1b grants administrative privileges when the ava_userid cookie value is 1, which allows remote attackers to perform certain administrative actions.

CPENameOperatorVersion
av_arcadeeq2.1.98

CPE	Name	Operator	Version
	av_arcade	eq	2.1.98

References

osvdb.org/38952

securityreason.com/securityalert/2871

www.securityfocus.com/archive/1/472666/100/0/threaded

www.securityfocus.com/bid/24736/info

exchange.xforce.ibmcloud.com/vulnerabilities/35234