Vwar Virtual War version 1.1.2 : Security vulnerabilities, CVEs sql injection

cpe:2.3:a:vwar:virtual_war:1.1.2:*:*:*:*:*:*:*

CVE-2006-4141

SQL injection vulnerability in news.php in Virtual War (VWar) 1.5.0 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) sortby and (2) sortorder parameters.

Max CVSS

7.5

EPSS Score

0.32%

Published

2006-08-14

Updated

2018-10-17

Multiple SQL injection vulnerabilities in war.php in Virtual War (VWar) 1.5.0 R14 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) s, (2) showgame, (3) sortorder, and (4) sortby parameters.

Max CVSS

7.5

EPSS Score

0.64%

Published

2006-06-22

Updated

2018-10-18

2 vulnerabilities found

Vwar » Virtual War » 1.1.2 : Security Vulnerabilities, CVEs, (Sql injection)

CVE-2006-4141

CVE-2006-3139