Injection: Arcade.php - SQL Injection¶

Identifier: arcade_php_sqli

Scanner(s) Support¶

Description¶

The arcade.php script is vulnerable to SQL injection. By exploiting this vulnerability, an attacker can manipulate the SQL queries executed by the script, potentially gaining unauthorized access to the database.

Reference:

• https://www.exploit-db.com/exploits/29604
• https://github.com/OWASP/vbscan/

Configuration¶

Example¶

Example configuration:

---
security_tests:
  arcade_php_sqli:
    skip: false

Reference¶

skip¶

Type : boolean

Skip the test if true.