2 matches found
CVE-2009-3973
SQL injection vulnerability in index.php in Turnkey Arcade Script allows remote attackers to execute arbitrary SQL commands via the id parameter in a browse action, a different vector than CVE-2008-5629...
CVE-2008-5629
CVE-2008-5629 describes an SQL injection in the Turnkey Arcade Script: vulnerable component is index.php, via the id parameter in a play action. The underlying flaw allows remote attackers to inject arbitrary SQL and potentially affect data, due to the input being unsafely concatenated into queri...