CVE-2009-0731

Free Arcade Script 1.0 - Path Traversal

Title source: llm

Description

Directory traversal vulnerability in pages/play.php in Free Arcade Script 1.0 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the template parameter.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Osirys · perlwebappsphp
https://www.exploit-db.com/exploits/8094

References (3)

Scores

EPSS 0.0446
EPSS Percentile 89.1%

Details

CWE
CWE-22
Status published
Products (1)
freearcadescript/free_arcade_script 1.0
Published Feb 24, 2009
Tracked Since Feb 18, 2026