Cross-site scripting (XSS) vulnerability in index.php in Arcade Trade Script 1.0 beta allows remote attackers to inject arbitrary web script or HTML via the q parameter in a gamelist action.
5.8AI Score
0.002EPSS
Arcade Trade Script 1.0 allows remote attackers to bypass authentication and gain administrative access by setting the adminLoggedIn cookie to true.
7.2AI Score
0.011EPSS