AV Arcade BugFix – XSS Exploit
AV Arcade BugFix – XSS Exploit
Jan 06The Problem:
EDITED::…
This was originally reported as link spam, but could easily be a lot worse.
When registering, the user name field is open to possible attack.
Code will be processed on the members page.
The code can be overflown to the homepage fairly easily.
XSS can be used.
I would now consider this as a serious...
AV Arcade v4.0.2 c [Unofficial]
AV Arcade v4.0.2 c [Unofficial]
Jan 04What’s this about?
I have been using AV Arcade for a while now and think it’s a great script.
I have spent a lot of time looking through the source code and have have some success with my arcade site.
There are a few small issues with the script which don’t detract from the usability, but could reduce...