3 matches found
Sql injection
SQL injection vulnerability in viewnews.php in Vastal I-Tech MMORPG Zone allows remote attackers to execute arbitrary SQL commands via the newsid parameter. NOTE: the gameid vector is already covered by CVE-2008-4460...
CVE-2008-4460
CVE-2008-4460 concerns a SQL injection vulnerability in Vastal I-Tech MMORPG Zone, specifically in game.php where the game_id parameter can be used by an attacker to execute arbitrary SQL commands remotely. The vulnerability description identifies the affected component as game.php within the MMO...
CVE-2008-4460
SQL injection vulnerability in game.php in Vastal I-Tech MMORPG Zone allows remote attackers to execute arbitrary SQL commands via the gameid parameter...