admin/index.php in AV Arcade 2.1b grants administrative privileges when the ava_userid cookie value is 1, which allows remote attackers to perform certain administrative actions.
Affected Software
Name |
Vendor |
Start Version |
End Version |
Av_arcade |
Av_scripts |
2.1b |
2.1b |
References