CVE-2007-3586
CVE-2007-3586 affects MyCMS 0.9.8 and earlier. Multiple direct static code injection vulnerabilities allow remote attackers to inject arbitrary PHP into (1) _score.txt via the score parameter, or (2) _setby.txt via a login cookie, which is then included by games.php. The description notes that pr...