CVE-2010-2933

Name of the Vulnerable Software and Affected Versions AV Scripts AV Arcade 3

Description A SQL injection issue allows remote attackers to execute arbitrary SQL commands via the ava code cookie to the "main page", related to index.php and the login task.

Recommendations For AV Scripts AV Arcade 3, consider restricting access to the ava code cookie and the login task in index.php to minimize the risk of exploitation. As a temporary workaround, avoid using the ava code cookie in the main page until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.