Talk Arcades: Forum for Arcade Webmasters 
 |
 |
 |
|
|||||||
 |
 |
|
Welcome to Talk Arcades, the premier forum for arcade webmasters. You are currently viewing our boards as a guest. By joining our community you will be able to make posts, communicate privately with other arcade webmasters and participate in our Live Marketplace. Registration is easy, so please join us today! |
 |
|
|
LinkBack | Thread Tools | Display Modes |
|
|
07-07-2007, 10:28 PM
|
#1 (permalink) |
|
Senior Member
Join Date: Mar 2007
Posts: 221
|
Hack fix for AB script
Description:
A vulnerability has been reported in ArcadeBuilder Game Portal Manager, which can be exploited by malicious people to conduct SQL Injection attacks. Input passed in the "usercookie" cookie to various scripts is not properly sanitised before being used in SQL queries. This can be exploited to manipulate an SQL query by injecting arbitrary SQL code. Successful exploitation e.g. allows bypassing the user authentication and logging in as an administrative user. The vulnerability is reported in version 1.7. Other versions may also be affected. Solution: Apply the vendor's official fix: Arcade Builder - Game Portal Manager |
|
 
|
|
|
|
|
|
07-07-2007, 11:24 PM
|
#2 (permalink) |
|
Contributing Member
Join Date: Apr 2007
Posts: 49
|
Fixed for GSS:
Security Fix For Gss < 3.1 - GameSiteScript Forums |
|
|
|
|
|
|
| Thread Tools | |
| Display Modes | |
Linear Mode
|
|
Similar Threads
|
||||
| Thread | Thread Starter | Forum | Replies | Last Post |
| Arcade Script Reviews | arcadillo | Scripts & Software | 6 | 08-08-2008 02:35 AM |
| Another arcade script found | MULITRI | Suggestions | 9 | 10-14-2007 12:22 PM |
| TopMedia Script - The most comprehensive media script, lots of content. | allstar | The Bazaar | 0 | 04-18-2007 12:18 AM |
| Working on a New Banner Exchange Script | cwconline | Scripts & Software | 2 | 03-14-2007 02:49 PM |
| My experience with a few scripts | skooby | Talk Arcades | 4 | 02-16-2007 03:48 PM |
All times are GMT -6. The time now is 10:10 PM.
