Lucene search
+L

120 matches found

Cvelist
Cvelist
added 2007/04/26 9:0 p.m.30 views

CVE-2007-2306

Multiple cross-site scripting XSS vulnerabilities in the Virtual War VWar 1.5.0 R15 and earlier module for PHP-Nuke, when registerglobals is enabled, allow remote attackers to inject arbitrary web script or HTML via the 1 memberlist parameter to extra/login.php and the 2 title parameter to...

5.8AI score0.01125EPSS
Exploits1References5
securityvulns
securityvulns
added 2007/04/13 12:0 a.m.75 views

[waraxe-2007-SA#048] - Multiple vulnerabilities in Virtual War 1.5 module for PhpNuke

waraxe-2007-SA048 - Multiple vulnerabilities in Virtual War 1.5 module for PhpNuke Author: Janek Vind "waraxe" Date: 13. April 2007 Location: Estonia, Tartu Web: http://www.waraxe.us/advisory-48.html Target software description: VWar module for PhpNuke http://www.vwar.de/ VWar is a webbased...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2006/12/06 12:0 a.m.25 views

VWar <= 1.50 R14 (online.php) Remote SQL Injection Vulnerability

No description provided by source. .: insecurity research team :. ....:...:. . .:. | |/ :/ // :/ .:. : | | | \\ /\ / :. . ..: ||| / \ \ .: .:.. .. ./ .:/:. ./. .:/: . ...:. .advisory. .:... :..................: 1o.o8.2oo6 .. Affected Application: VWar = v1.50 R14 . . : contact :...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2006/08/27 12:0 a.m.21 views

vwar150.txt

.: insecurity research team :. ....:...:. . .:. | |/ :/ // :/ .:. : | | | \\ /\ / :. . ..: ||| / \ \ .: .:.. .. ./ .:/:. ./. .:/: . ...:. .advisory. .:... :..................: 1o.o8.2oo6 .. Affected Application: VWar query" line 64: SELECT memberid, name, lastactivity line 65: FROM...

7.4AI score
Exploits0
Cvelist
Cvelist
added 2006/08/18 7:55 p.m.27 views

CVE-2006-4224

Cross-site scripting XSS vulnerability in calendar.php in Virtual War VWar 1.5.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the year parameter. NOTE: The page parameter vector is covered by CVE-2006-4009...

5.7AI score0.01146EPSS
Exploits0References3
CVE
CVE
added 2006/08/18 7:55 p.m.56 views

CVE-2006-4224

CVE-2006-4224 is an XSS vulnerability in Virtual War (VWar) calendar.php affecting VWar 1.5.0 and earlier. The vulnerability allows remote attackers to inject arbitrary web script or HTML via the year parameter. The CVE also notes that the page parameter vector is covered by CVE-2006-4009. No fur...

4.3CVSS5.7AI score0.01146EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2006/08/14 11:4 p.m.21 views

CVE-2006-4142

SQL injection vulnerability in extra/online.php in Virtual War VWar 1.5.0 R14 and earlier allows remote attackers to execute arbitrary SQL commands via the n parameter...

7.5CVSS8.3AI score0.01261EPSS
Exploits1References7
Cvelist
Cvelist
added 2006/08/14 11:0 p.m.22 views

CVE-2006-4141

SQL injection vulnerability in news.php in Virtual War VWar 1.5.0 and earlier allows remote attackers to execute arbitrary SQL commands via the 1 sortby and 2 sortorder parameters...

8.4AI score0.01179EPSS
Exploits0References3
CVE
CVE
added 2006/08/14 11:0 p.m.42 views

CVE-2006-4141

CVE-2006-4141 affects Virtual War (VWar) prior to 1.5.0, specifically the news.php module. It exposes a SQL injection vulnerability exploitable via the sortby and sortorder parameters, allowing remote attackers to execute arbitrary SQL commands. The CVE entry notes a base score of 7.5 (HIGH) with...

7.5CVSS8.8AI score0.01179EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2006/08/14 11:0 p.m.51 views

CVE-2006-4142

CVE-2006-4142 describes an SQL injection in Virtual War (VWar) 1.5.0 R14 and earlier, occurring in extra/online.php via the n parameter. The vulnerability allows remote attackers to execute arbitrary SQL commands and has an attack surface classified as network with low complexity and no authentic...

7.5CVSS8.3AI score0.01261EPSS
Exploits1References7Affected Software1
securityvulns
securityvulns
added 2006/08/14 12:0 a.m.31 views

VWar <= 1.50 R14 (n) Remote SQL Injection

.: insecurity research team :. ....:...:. . .:. | |/ :/ // :/ .:. : | | | / / :. . ..: ||| / .: .:.. .. ./ .:/:. ./. .:/: . ...:. .advisory. .:... :..................: 1o.o8.2oo6 .. Affected Application: VWar = v1.50 R14 . . : contact :...

0.4AI score
Exploits0
exploitpack
exploitpack
added 2006/08/10 12:0 a.m.30 views

VWar 1.50 R14 - online.php SQL Injection

VWar 1.50 R14 - online.php SQL Injection .: insecurity research team :. ....:...:. . .:. | |/ :/ // :/ .:. : | | | \\ /\ / :. . ..: ||| / \ \ .: .:.. .. ./ .:/:. ./. .:/: . ...:. .advisory. .:... :..................: 1o.o8.2oo6 .. Affected Application: VWar query" line 64: SELECT memberid,...

0.5AI score
Exploits0
0day.today
0day.today
added 2006/08/10 12:0 a.m.33 views

VWar <= 1.50 R14 (online.php) Remote SQL Injection Vulnerability

Exploit for unknown platform in category web applications ================================================================ VWar \ \ .: .:.. .. ./ .:/:. ./. .:/: . ...:. .advisory. .:... :..................: 1o.o8.2oo6 .. Affected Application: VWar query" line 64: SELECT memberid, name,...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2006/08/10 12:0 a.m.52 views

VWar 1.50 R14 - &#039;online.php&#039; SQL Injection

.: insecurity research team :. ....:...:. . .:. | |/ :/ // :/ .:. : | | | \\ /\ / :. . ..: ||| / \ \ .: .:.. .. ./ .:/:. ./. .:/: . ...:. .advisory. .:... :..................: 1o.o8.2oo6 .. Affected Application: VWar query" line 64: SELECT memberid, name, lastactivity line 65: FROM...

7.4AI score
Exploits0
NVD
NVD
added 2006/08/07 7:4 p.m.19 views

CVE-2006-4010

SQL injection vulnerability in war.php in Virtual War Vwar 1.5.0 and earlier allows remote attackers to execute arbitrary SQL commands via the page parameter. NOTE: other vectors are covered by CVE-2006-3139...

7.5CVSS8.1AI score0.01743EPSS
Exploits1References8
CVE
CVE
added 2006/08/07 7:0 p.m.54 views

CVE-2006-4009

CVE-2006-4009 describes an XSS in the Virtual War (VWar) application. Affected: VWar versions up to 1.5.0 and earlier, exploitable through the page parameter in the file war.php (also echoed by related CVE-2006-4224 noting that the page vector is covered by CVE-2006-4009). Root cause: insufficien...

4.3CVSS5.7AI score0.01672EPSS
Exploits1References5Affected Software1
CVE
CVE
added 2006/08/07 7:0 p.m.50 views

CVE-2006-4010

CVE-2006-4010 describes a SQL injection vulnerability in war.php of Virtual War (VWar) 1.5.0 and earlier, allowing remote attackers to execute arbitrary SQL commands through the page parameter. The vulnerability is explicitly part of a broader issue with VWar, with related vectors covered by CVE-...

7.5CVSS8.2AI score0.01743EPSS
Exploits1References8Affected Software1
Cvelist
Cvelist
added 2006/08/07 7:0 p.m.24 views

CVE-2006-4010

SQL injection vulnerability in war.php in Virtual War Vwar 1.5.0 and earlier allows remote attackers to execute arbitrary SQL commands via the page parameter. NOTE: other vectors are covered by CVE-2006-3139...

8.1AI score0.01743EPSS
Exploits1References8
exploitpack
exploitpack
added 2006/08/07 12:0 a.m.38 views

VWar 1.5 - war.php?vwar_root Remote File Inclusion

VWar 1.5 - war.php?vwarroot Remote File Inclusion source: https://www.securityfocus.com/bid/19387/info VWar is prone to multiple remote file-include vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker can exploit these issues to include an arbitrary...

0.6AI score
Exploits0
exploitpack
exploitpack
added 2006/08/07 12:0 a.m.25 views

VWar 1.5 - challenge.php?vwar_root Remote File Inclusion

VWar 1.5 - challenge.php?vwarroot Remote File Inclusion source: https://www.securityfocus.com/bid/19387/info VWar is prone to multiple remote file-include vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker can exploit these issues to include an...

0.6AI score
Exploits0
Rows per page
Query Builder