Description

game_score.php in e107 allows remote attackers to insert high scores via HTTP POST methods utilizing the $player_name, $player_score, and $game_name variables.

Remediation

References

CVE-2005-3594

Related Vulnerabilities

MediaWiki Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-2032)

silverstripeCMS Session Fixation Vulnerability (CVE-2019-12203)

Apache HTTP Server Integer Overflow or Wraparound Vulnerability (CVE-2022-22721)

Oracle Database Server CVE-2008-2591 Vulnerability (CVE-2008-2591)

WordPress Plugin Daily Prayer Time Cross-Site Request Forgery (2023.03.08)

Severity

Medium

Classification

CVE-2005-3594

Tags

Missing Update Known Vulnerabilities