Description

game_score.php in e107 allows remote attackers to insert high scores via HTTP POST methods utilizing the $player_name, $player_score, and $game_name variables.

Remediation

References

CVE-2005-3594

Related Vulnerabilities

WordPress Plugin JSmol2WP Multiple Vulnerabilities (1.07)

Microsoft SQL Server Other Vulnerability (CVE-2000-1083)

WordPress 4.1.x PHP Object Injection (4.1 - 4.1.32)

WordPress Plugin Yoast SEO Cross-Site Scripting (22.6)

WordPress Plugin Safe Editor Unspecified Vulnerability (1.1)

Severity

Medium

Classification

CVE-2005-3594

Tags

Missing Update Known Vulnerabilities