Description

game_score.php in e107 allows remote attackers to insert high scores via HTTP POST methods utilizing the $player_name, $player_score, and $game_name variables.

Remediation

References

CVE-2005-3594

Related Vulnerabilities

phpMyAdmin Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2008-1149)

WordPress Plugin Woody ad snippets-Insert Header Footer Code, AdSense Ads PHP Code Injection (1.3)

WordPress Plugin GiveWP-Donation and Fundraising Platform Multiple Vulnerabilities (2.25.1)

MyBB Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2022-43709)

PHP Permissions, Privileges, and Access Controls Vulnerability (CVE-2007-5900)

Severity

Medium

Classification

CVE-2005-3594

Tags

Missing Update Known Vulnerabilities