|
|
CVE Reference: CVE-2006-1082 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2006-1082 |
|
|
Description: Multiple cross-site scripting (XSS) vulnerabilities in phpArcadeScript 2.0 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the gamename parameter in tellafriend.php, (2) the login_status parameter in loginbox.php, (3) the submissionstatus parameter in index.php, the (4) cell_title_background_color and (5) browse_cat_name parameters in browse.php, the (6) gamefile parameter in displaygame.php, and (7) possibly other parameters in unspecified PHP scripts. |
|
|
CVE Status: Candidate |
|
|
References: SREASON http://securityreason.com/securityalert/533 SAID Secunia Advisory: SA19124 BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/426755/100/0/threaded BID 16957 |
|
| Return to the previous page. |
