Virtual War@1.3 Security Vulnerabilities and Issues — Virtual War@1.3 CVE List

Lucene search

VwarVirtual War1.3

4 matches found

CVE•added 2006/03/30 1:6 a.m.•58 views

CVE-2006-1503

PHP remote file inclusion vulnerability in includes/functions_install.php in Virtual War (VWar) 1.5.0 R11 and earlier allows remote attackers to include and execute arbitrary PHP code via a URL in the vwar_root parameter. NOTE: this is a different vulnerability than CVE-2006-1636.

5.1CVSS7.2AI score0.01617EPSS

CVE•added 2006/04/06 10:4 a.m.•46 views

CVE-2006-1636

PHP remote file inclusion vulnerability in get_header.php in VWar 1.5.0 R12 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the vwar_root parameter. NOTE: this is a different vulnerability than CVE-2006-1503.

7.5CVSS7.2AI score0.01617EPSS

CVE•added 2006/08/18 8:4 p.m.•43 views

CVE-2006-4224

Cross-site scripting (XSS) vulnerability in calendar.php in Virtual War (VWar) 1.5.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the year parameter. NOTE: The page parameter vector is covered by CVE-2006-4009.

4.3CVSS5.7AI score0.03175EPSS

CVE•added 2006/03/30 1:0 a.m.•36 views

CVE-2005-4748

PHP remote file include vulnerability in functions_admin.php in Virtual War (VWar) 1.5.0 R10 allows remote attackers to include and execute arbitrary PHP code via unspecified attack vectors. NOTE: this issue has been referred to as XSS, but it is clear from the vendor description that it is a file ...

6.8CVSS7.9AI score0.00734EPSS