Virtual War@1.5.0 r10 Security Vulnerabilities and Issues — Virtual War@1.5.0 r10 CVE List

Lucene search

VwarVirtual War1.5.0 r10

5 matches found

CVE•added 2006/03/30 1:6 a.m.•58 views

CVE-2006-1503

PHP remote file inclusion vulnerability in includes/functions_install.php in Virtual War (VWar) 1.5.0 R11 and earlier allows remote attackers to include and execute arbitrary PHP code via a URL in the vwar_root parameter. NOTE: this is a different vulnerability than CVE-2006-1636.

5.1CVSS7.2AI score0.01617EPSS

CVE•added 2006/04/06 10:4 a.m.•46 views

CVE-2006-1636

PHP remote file inclusion vulnerability in get_header.php in VWar 1.5.0 R12 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the vwar_root parameter. NOTE: this is a different vulnerability than CVE-2006-1503.

7.5CVSS7.2AI score0.01617EPSS

CVE•added 2006/06/22 10:6 p.m.•45 views

CVE-2006-3139

Multiple SQL injection vulnerabilities in war.php in Virtual War (VWar) 1.5.0 R14 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) s, (2) showgame, (3) sortorder, and (4) sortby parameters.

7.5CVSS8.4AI score0.01314EPSS

CVE•added 2006/08/14 11:4 p.m.•40 views

CVE-2006-4142

SQL injection vulnerability in extra/online.php in Virtual War (VWar) 1.5.0 R14 and earlier allows remote attackers to execute arbitrary SQL commands via the n parameter.

7.5CVSS8.3AI score0.00916EPSS

CVE•added 2006/03/30 1:0 a.m.•36 views

CVE-2005-4748

PHP remote file include vulnerability in functions_admin.php in Virtual War (VWar) 1.5.0 R10 allows remote attackers to include and execute arbitrary PHP code via unspecified attack vectors. NOTE: this issue has been referred to as XSS, but it is clear from the vendor description that it is a file ...

6.8CVSS7.9AI score0.00734EPSS