Lucene search
K

120 matches found

NVD
NVD
added 2008/02/13 8:0 p.m.15 views

CVE-2008-0753

SQL injection vulnerability in calendar.php in Virtual War VWar 1.5 allows remote attackers to execute arbitrary SQL commands via the month parameter...

7.5CVSS8.3AI score0.00961EPSS
Exploits1References3
Cvelist
Cvelist
added 2008/02/13 7:0 p.m.18 views

CVE-2008-0753

SQL injection vulnerability in calendar.php in Virtual War VWar 1.5 allows remote attackers to execute arbitrary SQL commands via the month parameter...

8.3AI score0.00961EPSS
Exploits1References3
CVE
CVE
added 2008/02/13 7:0 p.m.56 views

CVE-2008-0753

CVE-2008-0753 describes an SQL injection in the calendar.php file of Virtual War (VWar) 1.5, exploitable remotely via the month parameter. The vulnerability allows an attacker to execute arbitrary SQL commands. According to the associated records, the issue is triggered by unvalidated input in th...

7.5CVSS8.4AI score0.00961EPSS
Exploits1References3Affected Software1
securityvulns
securityvulns
added 2008/02/13 12:0 a.m.50 views

Vwar New Bug

Vendor : Www.Vwar.De Credits : PouyaServer Vuln. Ver : v1.5.0 Http://pouya-server.blogfa.com [email protected] --------------------------------------------------- http://host/vwar/war.php?s=SQL http://host/vwar/war.php?page=SQL http://host/vwar/war.php?showgame=SQL...

Exploits0
securityvulns
securityvulns
added 2008/02/12 12:0 a.m.42 views

Vwar 1.5.0

Vendor : Www.Vwar.De Credits : Pouyaserver Ver : v1.5.0 [email protected] ----------------------------------------- http://host/vwar/calendar.php?month=SQL...

0.1AI score
Exploits0
exploitpack
exploitpack
added 2008/02/11 12:0 a.m.14 views

VWar 1.5 - calendar.php SQL Injection

VWar 1.5 - calendar.php SQL Injection source: https://www.securityfocus.com/bid/27722/info VWar is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the...

0.5AI score
Exploits0
Packet Storm
Packet Storm
added 2008/02/11 12:0 a.m.19 views

vwar-sql.txt

Vendor : Www.Vwar.De Credits : Pouyaserver Ver : v1.5.0 [email protected] ----------------------------------------- http://host/vwar/calendar.php?month=SQL...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2008/02/11 12:0 a.m.24 views

VWar 1.5 - 'calendar.php' SQL Injection

source: https://www.securityfocus.com/bid/27722/info VWar is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or...

7.4AI score
Exploits0
NVD
NVD
added 2007/08/31 12:17 a.m.17 views

CVE-2007-4606

PHP remote file inclusion vulnerability in convert/mvcwconver.php in the Virtual War VWar module for PHPNuke-Clan PNC 4.2.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the vwarroot parameter, a different vector than CVE-2006-1602. NOTE: it is possible that this...

7.5CVSS7.4AI score0.0213EPSS
Exploits0References2
Prion
Prion
added 2007/08/31 12:17 a.m.21 views

Remote file inclusion

PHP remote file inclusion vulnerability in convert/mvcwconver.php in the Virtual War VWar module for PHPNuke-Clan PNC 4.2.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the vwarroot parameter, a different vector than CVE-2006-1602. NOTE: it is possible that this...

7.5CVSS7.7AI score0.0213EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2007/08/31 12:0 a.m.159 views

CVE-2007-4606

CVE-2007-4606 describes a PHP remote file inclusion in the Virtual War (VWar) module of PHPNuke-Clan (PNC) 4.2.0 and earlier. The vulnerability arises in convert/mvcw_conver.php where an attacker can cause arbitrary PHP code execution by supplying a crafted URL in the vwar_root parameter. The iss...

7.5CVSS7.5AI score0.0213EPSS
Exploits0References2Affected Software1
Packet Storm
Packet Storm
added 2007/08/29 12:0 a.m.30 views

vwar-rfi.txt

'/ -.- --------------------oOO------OOo-------------------- | VWar = v1.5.0 R15 mvcw.php Remote File Inclusion | | coded by DNX | ------------------------------------------------------- ! Discovered: DNX ! Vendor: http://www.vwar.de ! Detected: 26.02.2007 ! Reported: 27.02.2007 ! Remote: yes !...

7.4AI score
Exploits0
seebug.org
seebug.org
added 2007/08/29 12:0 a.m.149 views

VWar <= v1.5.0 R15 (mvcw.php) Remote File Inclusion Vulnerability

No description provided by source. '/ -.- --------------------oOO------OOo-------------------- | VWar = v1.5.0 R15 mvcw.php Remote File Inclusion | | coded by DNX | ------------------------------------------------------- ! Discovered: DNX ! Vendor: http://www.vwar.de ! Detected: 26.02.2007 !...

7.1AI score
Exploits0
0day.today
0day.today
added 2007/08/28 12:0 a.m.61 views

VWar <= v1.5.0 R15 (mvcw.php) Remote File Inclusion Vulnerability

Exploit for unknown platform in category web applications ================================================================= VWar = v1.5.0 R15 mvcw.php Remote File Inclusion Vulnerability ================================================================= '/ -.-...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2007/08/28 12:0 a.m.96 views

VWar 1.5.0 R15 - mvcw.php Remote File Inclusion

VWar 1.5.0 R15 - mvcw.php Remote File Inclusion '/ -.- --------------------oOO------OOo-------------------- | VWar = v1.5.0 R15 mvcw.php Remote File Inclusion | | coded by DNX | ------------------------------------------------------- ! Discovered: DNX ! Vendor: http://www.vwar.de ! Detected:...

0.2AI score
Exploits0
Exploit DB
Exploit DB
added 2007/08/28 12:0 a.m.74 views

VWar 1.5.0 R15 - &#039;mvcw.php&#039; Remote File Inclusion

'/ -.- --------------------oOO------OOo-------------------- | VWar = v1.5.0 R15 mvcw.php Remote File Inclusion | | coded by DNX | ------------------------------------------------------- ! Discovered: DNX ! Vendor: http://www.vwar.de ! Detected: 26.02.2007 ! Reported: 27.02.2007 ! Remote: yes !...

7.4AI score
Exploits0
NVD
NVD
added 2007/04/26 9:19 p.m.21 views

CVE-2007-2312

Multiple SQL injection vulnerabilities in the Virtual War VWar 1.5.0 R15 module for PHP-Nuke allow remote attackers to execute arbitrary SQL commands via the n parameter to extra/online.php and other unspecified scripts in extra/. NOTE: this might be same vulnerability as CVE-2006-4142; however,...

7.5CVSS8.4AI score0.01195EPSS
Exploits1References6
Prion
Prion
added 2007/04/26 9:19 p.m.21 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the Virtual War VWar 1.5.0 R15 and earlier module for PHP-Nuke, when registerglobals is enabled, allow remote attackers to inject arbitrary web script or HTML via the 1 memberlist parameter to extra/login.php and the 2 title parameter to...

4.3CVSS6.1AI score0.01125EPSS
Exploits1References5Affected Software1
NVD
NVD
added 2007/04/26 9:19 p.m.39 views

CVE-2007-2306

Multiple cross-site scripting XSS vulnerabilities in the Virtual War VWar 1.5.0 R15 and earlier module for PHP-Nuke, when registerglobals is enabled, allow remote attackers to inject arbitrary web script or HTML via the 1 memberlist parameter to extra/login.php and the 2 title parameter to...

4.3CVSS5.8AI score0.01125EPSS
Exploits1References5
Cvelist
Cvelist
added 2007/04/26 9:0 p.m.28 views

CVE-2007-2306

Multiple cross-site scripting XSS vulnerabilities in the Virtual War VWar 1.5.0 R15 and earlier module for PHP-Nuke, when registerglobals is enabled, allow remote attackers to inject arbitrary web script or HTML via the 1 memberlist parameter to extra/login.php and the 2 title parameter to...

5.8AI score0.01125EPSS
Exploits1References5
Rows per page
Query Builder