4 matches found
Sql injection
Multiple SQL injection vulnerabilities in the Virtual War VWar 1.5.0 R15 module for PHP-Nuke allow remote attackers to execute arbitrary SQL commands via the n parameter to extra/online.php and other unspecified scripts in extra/. NOTE: this might be same vulnerability as CVE-2006-4142; however,...
CVE-2006-4142
SQL injection vulnerability in extra/online.php in Virtual War VWar 1.5.0 R14 and earlier allows remote attackers to execute arbitrary SQL commands via the n parameter...
CVE-2006-4142
SQL injection vulnerability in extra/online.php in Virtual War VWar 1.5.0 R14 and earlier allows remote attackers to execute arbitrary SQL commands via the n parameter...
CVE-2006-4142
CVE-2006-4142 describes an SQL injection in Virtual War (VWar) 1.5.0 R14 and earlier, occurring in extra/online.php via the n parameter. The vulnerability allows remote attackers to execute arbitrary SQL commands and has an attack surface classified as network with low complexity and no authentic...