Virtual War v1.5.0 <= Sql Injection vuln

2006-08-11T00:00:00
ID SECURITYVULNS:DOC:13858
Type securityvulns
Reporter Securityvulns
Modified 2006-08-11T00:00:00

Description

Vendor : www.vwar.de

Vuln. Ver. : 1.5.0 and lower

Dork : "Powered by : Virtual War v1.5.0"

intext:"www.vwar.de"


Author : MFox

Homepage : Www.HackerZ.iR

Www.H4ckerZ.Com

Iran HackerZ Security Team


PoC :

http://[host]/vwar/news.php?sortby=[SQL]

http://[host]/vwar/news.php?sortorder=[SQL]