14 matches found
EUVD-2009-2285
Malware in sbrugna...
Authentication flaw
Arcade Trade Script 1.0 allows remote attackers to bypass authentication and gain administrative access by setting the adminLoggedIn cookie to true...
CVE-2009-3966
Arcade Trade Script 1.0 allows remote attackers to bypass authentication and gain administrative access by setting the adminLoggedIn cookie to true...
CVE-2009-3966
Arcade Trade Script 1.0 allows remote attackers to bypass authentication and gain administrative access by setting the adminLoggedIn cookie to true...
CVE-2009-3966
CVE-2009-3966 affects Arcade Trade Script 1.0. The issue allows remote attackers to bypass authentication and gain administrative access by setting the adminLoggedIn cookie to true, enabling privilege elevation. Root cause is a cookie-based auth bypass in the login/auth flow; there is no document...
Arcade Trade Script 1.0b (Auth Bypass) Insecure Cookie Handling Vuln
Exploit for unknown platform in category web applications ==================================================================== Arcade Trade Script 1.0b Auth Bypass Insecure Cookie Handling Vuln ====================================================================...
Arcade Trade Script 1.0b (Auth Bypass) Insecure Cookie Handling Vuln
No description provided by source. ====================================================================== » Script : Arcade Trade Script v.1.0 Insecure Cookie Handling Vuln » Language : php » Script site : http://www.arcadetradescript.com » Founder: Mr.tro0oqy - from Yemen » Gr44tz to: H-...
Arcade Trade Script 1.0b - (Authentication Bypass) Insecure Cookie Handling
====================================================================== » Script : Arcade Trade Script v.1.0 Insecure Cookie Handling Vuln » Language : php » Script site : http://www.arcadetradescript.com » Founder: Mr.tro0oqy borken heart : » E-mail : [email protected]...
CVE-2009-2289
Cross-site scripting XSS vulnerability in index.php in Arcade Trade Script 1.0 beta allows remote attackers to inject arbitrary web script or HTML via the q parameter in a gamelist action...
Cross site scripting
Cross-site scripting XSS vulnerability in index.php in Arcade Trade Script 1.0 beta allows remote attackers to inject arbitrary web script or HTML via the q parameter in a gamelist action...
CVE-2009-2289
Cross-site scripting XSS vulnerability in index.php in Arcade Trade Script 1.0 beta allows remote attackers to inject arbitrary web script or HTML via the q parameter in a gamelist action...
CVE-2009-2289
CVE-2009-2289 is an XSS vulnerability in Arcade Trade Script 1.0 beta, impacting index.php where the q parameter in a gamelist action can be exploited to inject arbitrary script/HTML. The issue is documented in multiple sources (e.g., NVD entry) and arises from insufficient input sanitization in ...
Arcade Trade Script Cross Site Scripting
Original advisory: http://www.davidsopas.com/2009/05/25/arcade-trade-script-xss/ Arcade Trade Script is a full arcade site CMS Content Management System with easy customization and advanced traffic trading system built in. With ATS you will hardly ever have to FTP anything. Almost all files, page...
Intergo Arcade Trade Script 1.0 - q Cross-Site Scripting
Intergo Arcade Trade Script 1.0 - q Cross-Site Scripting source: https://www.securityfocus.com/bid/44555/info Arcade Trade Script is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute...