5 matches found
EUVD-2007-4587
Malware in sbrugna...
Remote file inclusion
PHP remote file inclusion vulnerability in convert/mvcw.php in Virtual War VWar 1.5.0 R15 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the vwarroot parameter, a different vector than CVE-2006-1503, CVE-2006-1636, and CVE-2006-1747...
CVE-2007-4605
CVE-2007-4605 is a PHP remote file inclusion in Virtual War (VWar) prior to or including 1.5.0 R15. The vulnerability is triggered in convert/mvcw.php via the vwar_root parameter, allowing arbitrary PHP code execution. Related connected docs corroborate VWar RFI patterns affecting multiple script...
Remote file inclusion
PHP remote file inclusion vulnerability in Virtual War VWar 1.5.0 allows remote attackers to execute arbitrary PHP code via a URL in the vwarroot parameter to 1 admin/admin.php, 2 war.php, 3 stats.php, 4 news.php, 5 joinus.php, 6 challenge.php, 7 calendar.php, 8 member.php, 9 popup.php, and other...
CVE-2006-1503
CVE-2006-1503 describes a PHP remote file inclusion in Virtual War (VWar) 1.5.0 R11 and earlier. The vulnerability occurs in includes/functions_install.php where a URL supplied via the vwar_root parameter can cause arbitrary PHP code execution on the affected system. This is a classic RFI risk fo...