Av Scripts · Av Arcade 3 · CVE-2010-2933
**Name of the Vulnerable Software and Affected Versions**
AV Scripts AV Arcade 3
**Description**
A SQL injection issue allows remote attackers to execute arbitrary SQL commands via the `ava code` cookie to the "main page", related to index.php and the login task.
**Recommendations**
For AV Scripts AV Arcade 3, consider restricting access to the `ava code` cookie and the login task in index.php to minimize the risk of exploitation. As a temporary workaround, avoid using the `ava code` cookie in the main page until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.