Description

game_score.php in e107 allows remote attackers to insert high scores via HTTP POST methods utilizing the $player_name, $player_score, and $game_name variables.

Remediation

References

CVE-2005-3594

Related Vulnerabilities

Ruby Cryptographic Issues Vulnerability (CVE-2013-4073)

MySQL CVE-2019-3004 Vulnerability (CVE-2019-3004)

WordPress Plugin Email Subscribers by Icegram Express-Email Marketing, Newsletters, Automation for WordPress & WooCommerce SQL Injection (5.7.20)

WordPress Plugin MoolaMojo Cross-Site Scripting (0.7.4.1)

WordPress Plugin Contact Form to DB by BestWebSoft-Messages Database For WordPress Cross-Site Scripting (1.4.0)

Severity

Medium

Classification

CVE-2005-3594

Tags

Missing Update Known Vulnerabilities