|
Description
|
|
Multiple vulnerabilities have been identified in phpArcadeScript, which may be exploited by attackers to execute arbitrary scripting code. These flaws are due to input validation errors in the "includes/tellafriend.php", "admin/loginbox.php", "index.php", "includes/browse.php" and "includes/displaygame.php" scripts that do not properly validate the "gamename", "login_status", "submissionstatus", "cell_title_background_color", "browse_cat_name" and "gamefile" parameters, which could be exploited by attackers to cause malicious scripting code to be executed by the user's browser in the security context of an affected Web site.
|
