Description
game_score.php in e107 allows remote attackers to insert high scores via HTTP POST methods utilizing the $player_name, $player_score, and $game_name variables.
Remediation
References
Related Vulnerabilities
phpMyAdmin Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2008-1149)
WordPress Plugin Woody ad snippets-Insert Header Footer Code, AdSense Ads PHP Code Injection (1.3)
WordPress Plugin GiveWP-Donation and Fundraising Platform Multiple Vulnerabilities (2.25.1)
PHP Permissions, Privileges, and Access Controls Vulnerability (CVE-2007-5900)