6 matches found
CVE-2025-66687
Doom Launcher 3.8.1.0 is vulnerable to Directory Traversal due to missing file path validation during the extraction of game files...
CVE-2025-66687
Doom Launcher 3.8.1.0 is vulnerable to Directory Traversal due to missing file path validation during the extraction of game files...
CVE-2025-66687
Doom Launcher 3.8.1.0 is vulnerable to a Directory Traversal flaw caused by missing file path validation during extraction of game files. The issue is described across multiple sources (RH, NVD, EUVD, CVE listings) with a CVSSv3.1 base score of 7.5 (High) and an attack vector of Network, requirin...
CVE-2024-39828
R74n Sandboxels 1.9 through 1.9.5 allows XSS via a message in a modified saved-game file. This was fixed in a hotfix to 1.9.5 on 2024-06-29...
CVE-2024-39828
CVE-2024-39828 affects R74n Sandboxels versions 1.9 through 1.9.5, enabling cross-site scripting via a message in a manipulated saved-game file. Red Hat and NVD entries concur; the issue was fixed in a hotfix to version 1.9.5 released on 2024-06-29. The Red Hat/CVE notes and related enrichments r...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in phpArcadeScript 2.0 and earlier allow remote attackers to inject arbitrary web script or HTML via 1 the gamename parameter in tellafriend.php, 2 the loginstatus parameter in loginbox.php, 3 the submissionstatus parameter in index.php, the 4...