VWar 1.x war.php Multiple Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/19327/info Vwar is prone to multiple input-validation vulnerabilities, including cross-site scripting and SQL-injection issues. These issues occur because the application fails to properly sanitize user-supplied input. A...

CVE-2006-4010

CVE-2006-4010 describes a SQL injection vulnerability in war.php of Virtual War (VWar) 1.5.0 and earlier, allowing remote attackers to execute arbitrary SQL commands through the page parameter. The vulnerability is explicitly part of a broader issue with VWar, with related vectors covered by CVE-...

VWar 1.x - 'war.php' Multiple SQL Injections

source: https://www.securityfocus.com/bid/19327/info Vwar is prone to multiple input-validation vulnerabilities, including cross-site scripting and SQL-injection issues. These issues occur because the application fails to properly sanitize user-supplied input. A successful exploit of these...

Virtual War File İnclusion

Virtual War File nclusion --------------------------------- Site:http://www.vwar.de/ Demo:http://www.vwar.de/demo/ --------------------------------------- File nclusion // get functions $vwarroot = "./"; require $vwarroot . "includes/functionscommon.php"; require $vwarroot...