Vulnerabilities > Pegames
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2008-06-26 | CVE-2008-2871 | Cross-Site Scripting vulnerability in Pegames Multiple cross-site scripting (XSS) vulnerabilities in template2.php in PEGames allow remote attackers to inject arbitrary web script or HTML via the (1) sitetitle, (2) sitenav, (3) sitemain, and (4) sitealt parameters. | 4.3 |
2006-12-01 | CVE-2006-6213 | Remote File Include vulnerability in PEGames index.php in PEGames uses the extract function to overwrite critical variables, which allows remote attackers to conduct PHP remote file inclusion attacks via the abs_url parameter, which is later extracted to overwrite a previously uncontrolled value. | 7.5 |