CVE-2010-2933

Description

SQL injection vulnerability in AV Scripts AV Arcade 3 allows remote attackers to execute arbitrary SQL commands via the ava_code cookie to the "main page," related to index.php and the login task.

Affected products

• avscripts / av_arcade3 – 3

References

• MISChttp://www.securityfocus.com/bid/42023
• MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/60799
• EXPLOIThttp://www.exploit-db.com/exploits/14494