6 matches found
EUVD-2007-4587
Malware in sbrugna...
CVE-2007-4605
CVE-2007-4605 is a PHP remote file inclusion in Virtual War (VWar) prior to or including 1.5.0 R15. The vulnerability is triggered in convert/mvcw.php via the vwar_root parameter, allowing arbitrary PHP code execution. Related connected docs corroborate VWar RFI patterns affecting multiple script...
Remote file inclusion
PHP remote file inclusion vulnerability in Virtual War VWar 1.5.0 allows remote attackers to execute arbitrary PHP code via a URL in the vwarroot parameter to 1 admin/admin.php, 2 war.php, 3 stats.php, 4 news.php, 5 joinus.php, 6 challenge.php, 7 calendar.php, 8 member.php, 9 popup.php, and other...
CVE-2006-1636
PHP remote file inclusion vulnerability in getheader.php in VWar 1.5.0 R12 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the vwarroot parameter. NOTE: this is a different vulnerability than CVE-2006-1503...
CVE-2006-1636
CVE-2006-1636 affects Virtual War (VWar) 1.5.0 R12 and earlier. The flaw is a PHP remote file inclusion in get_header.php that allows an attacker to supply a URL via the vwar_root parameter to include arbitrary PHP code. Connected references also cover other VWar R1x vectors (e.g., CVE-2006-1747 ...
CVE-2006-1636
PHP remote file inclusion vulnerability in getheader.php in VWar 1.5.0 R12 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the vwarroot parameter. NOTE: this is a different vulnerability than CVE-2006-1503...