Lucene search

[email protected]CVE-2006-3139

HistoryJun 22, 2006 - 10:06 p.m.

CVE-2006-3139

2006-06-2222:06:00

CWE-89

[email protected]

web.nvd.nist.gov

cve

2006

3139

sql injection

virtual war

vwar

nvd

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.4 High

AI Score

Confidence

Low

0.006 Low

EPSS

Percentile

79.0%

JSON

Multiple SQL injection vulnerabilities in war.php in Virtual War (VWar) 1.5.0 R14 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) s, (2) showgame, (3) sortorder, and (4) sortby parameters.

Affected configurations

NVD

Node

vwarvirtual_warRange≤1.5.0_r14

vwarvirtual_warMatch1.5.0_r1

vwarvirtual_warMatch1.5.0_r2

vwarvirtual_warMatch1.5.0_r3

vwarvirtual_warMatch1.5.0_r4

vwarvirtual_warMatch1.5.0_r5

vwarvirtual_warMatch1.5.0_r6

vwarvirtual_warMatch1.5.0_r7

vwarvirtual_warMatch1.5.0_r8

vwarvirtual_warMatch1.5.0_r9

vwarvirtual_warMatch1.5.0_r10

vwarvirtual_warMatch1.5.0_r11

vwarvirtual_warMatch1.5.0_r12

vwarvirtual_warMatch1.5.0_r13

CPENameOperatorVersion
vwar:virtual_warvwar virtual warle1.5.0_r14
vwar:virtual_warvwar virtual wareq1.5.0_r1
vwar:virtual_warvwar virtual wareq1.5.0_r2
vwar:virtual_warvwar virtual wareq1.5.0_r3
vwar:virtual_warvwar virtual wareq1.5.0_r4
vwar:virtual_warvwar virtual wareq1.5.0_r5
vwar:virtual_warvwar virtual wareq1.5.0_r6
vwar:virtual_warvwar virtual wareq1.5.0_r7
vwar:virtual_warvwar virtual wareq1.5.0_r8
vwar:virtual_warvwar virtual wareq1.5.0_r9

CPE	Name	Operator	Version
vwar:virtual_war	vwar virtual war	le	1.5.0_r14
vwar:virtual_war	vwar virtual war	eq	1.5.0_r1
vwar:virtual_war	vwar virtual war	eq	1.5.0_r2
vwar:virtual_war	vwar virtual war	eq	1.5.0_r3
vwar:virtual_war	vwar virtual war	eq	1.5.0_r4
vwar:virtual_war	vwar virtual war	eq	1.5.0_r5
vwar:virtual_war	vwar virtual war	eq	1.5.0_r6
vwar:virtual_war	vwar virtual war	eq	1.5.0_r7
vwar:virtual_war	vwar virtual war	eq	1.5.0_r8
vwar:virtual_war	vwar virtual war	eq	1.5.0_r9

Rows per page:

1-10 of 141

References

archives.neohapsis.com/archives/bugtraq/2008-02/0186.html

pridels0.blogspot.com/2006/06/virtual-war-multiple-sql-inj-vuln.html

secunia.com/advisories/20696

www.osvdb.org/26533

www.securityfocus.com/archive/1/443171/100/0/threaded

www.securityfocus.com/archive/1/488118/100/200/threaded

www.securityfocus.com/bid/27772

www.vupen.com/english/advisories/2006/2383

exchange.xforce.ibmcloud.com/vulnerabilities/27153

exchange.xforce.ibmcloud.com/vulnerabilities/40481

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.4 High

AI Score

Confidence

Low

0.006 Low

EPSS

Percentile

79.0%

JSON

Related for CVE-2006-3139

cvelist2 nvd3 cve2