Vulnerabilities > CVE-2005-3594 - Remote Security vulnerability in e107

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

NONE

network

low complexity

e107

NVD

Published: 2005-11-16

Updated: 2016-10-18

Summary

game_score.php in e107 allows remote attackers to insert high scores via HTTP POST methods utilizing the $player_name, $player_score, and $game_name variables.

Vulnerable Configurations

Part	Description	Count
Application	E107 E107 E107 *	1

References

http://marc.info/?l=bugtraq&m=113141422014568&w=2
http://securityreason.com/securityalert/158