Arcadetradescript Arcade Trade Script vulnerabilities
2 known vulnerabilities affecting arcadetradescript/arcade_trade_script.
Total CVEs
2
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2009-3966P3HIGHCVSS 7.5PoCv1.02009-11-18
CVE-2009-3966 [HIGH] CWE-287 CVE-2009-3966: Arcade Trade Script 1.0 allows remote attackers to bypass authentication and gain administrative acc
Arcade Trade Script 1.0 allows remote attackers to bypass authentication and gain administrative access by setting the adminLoggedIn cookie to true.
nvd
CVE-2009-2289P4MEDIUMCVSS 4.3PoCv1.0_beta2009-07-01
CVE-2009-2289 [MEDIUM] CWE-79 CVE-2009-2289: Cross-site scripting (XSS) vulnerability in index.php in Arcade Trade Script 1.0 beta allows remote
Cross-site scripting (XSS) vulnerability in index.php in Arcade Trade Script 1.0 beta allows remote attackers to inject arbitrary web script or HTML via the q parameter in a gamelist action.
nvd