Vulnerabilities > CVE-2006-1082 - Cross-Site Scripting vulnerability in PHParcadescript 2.0
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
NONE Integrity impact
PARTIAL Availability impact
NONE Summary
Multiple cross-site scripting (XSS) vulnerabilities in phpArcadeScript 2.0 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the gamename parameter in tellafriend.php, (2) the login_status parameter in loginbox.php, (3) the submissionstatus parameter in index.php, the (4) cell_title_background_color and (5) browse_cat_name parameters in browse.php, the (6) gamefile parameter in displaygame.php, and (7) possibly other parameters in unspecified PHP scripts.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Exploit-Db
description phpArcadeScript 2.0 browse.php Multiple Parameter XSS. CVE-2006-1082. Webapps exploit for php platform id EDB-ID:27352 last seen 2016-02-03 modified 2006-03-04 published 2006-03-04 reporter Retard source https://www.exploit-db.com/download/27352/ title phpArcadeScript 2.0 browse.php Multiple Parameter XSS description phpArcadeScript 2.0 index.php submissionstatus Parameter XSS. CVE-2006-1082. Webapps exploit for php platform id EDB-ID:27351 last seen 2016-02-03 modified 2006-03-04 published 2006-03-04 reporter Retard source https://www.exploit-db.com/download/27351/ title phpArcadeScript 2.0 index.php submissionstatus Parameter XSS description phpArcadeScript 2.0 loginbox.php login_status Parameter XSS. CVE-2006-1082. Webapps exploit for php platform id EDB-ID:27350 last seen 2016-02-03 modified 2006-03-04 published 2006-03-04 reporter Retard source https://www.exploit-db.com/download/27350/ title phpArcadeScript 2.0 loginbox.php login_status Parameter XSS description phpArcadeScript 2.0 displaygame.php gamefile Parameter XSS. CVE-2006-1082. Webapps exploit for php platform id EDB-ID:27353 last seen 2016-02-03 modified 2006-03-04 published 2006-03-04 reporter Retard source https://www.exploit-db.com/download/27353/ title phpArcadeScript 2.0 displaygame.php gamefile Parameter XSS description phpArcadeScript 2.0 tellafriend.php gamename Parameter XSS. CVE-2006-1082. Webapps exploit for php platform id EDB-ID:27349 last seen 2016-02-03 modified 2006-03-04 published 2006-03-04 reporter Retard source https://www.exploit-db.com/download/27349/ title phpArcadeScript 2.0 tellafriend.php gamename Parameter XSS