Description
game_score.php in e107 allows remote attackers to insert high scores via HTTP POST methods utilizing the $player_name, $player_score, and $game_name variables.
Remediation
References
Related Vulnerabilities
Oracle Application Server Other Vulnerability (CVE-2006-5353)
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-10890)
PHP CVE-2007-4670 Vulnerability (CVE-2007-4670)
WordPress Plugin NextScripts:Social Networks Auto-Poster Cross-Site Request Forgery (4.3.24)
WordPress Plugin Advanced Order Export For WooCommerce Cross-Site Scripting (3.1.3)