CVE-2009-3187

Standalonearcade Saa - XSS

Title source: rule

Description

Cross-site scripting (XSS) vulnerability in gamelist.php in Stand Alone Arcade 1.1 allows remote attackers to inject arbitrary web script or HTML via the cat parameter.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Moudi · textwebappsphp

https://www.exploit-db.com/exploits/34878

View Code ZIP pw:eip

References (3)

[Exploit] http://packetstormsecurity.org/0908-exploits/saa-xss.txt

[Vendor Advisory] http://secunia.com/advisories/36481

[Vendor Advisory] http://www.vupen.com/english/advisories/2009/2438

Scores

EPSS 0.0119

EPSS Percentile 78.6%

Classification

CWE

CWE-79

Status published

Affected Products (2)

standalonearcade/saa

n/a/n/a

Timeline

Published Sep 15, 2009

Tracked Since Feb 18, 2026