Computer Security

Security Advisory: Virtual War v1.5.0 <= Sql Injection vuln
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



Related information

  Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

  PHPMyRing <= 4.2.0 (view_com.
php) Remote SQL Injection

  Yabb XSS

  TinyWebGallery v1.5 ( image ) Remote Include Vulnerability

  Directory Traversal vulnerability in IPCheck Monitor Server

From:mfoxhacker_(at)_gmail.com <mfoxhacker_(at)_gmail.com>
Date:11.08.2006
Subject:Virtual War v1.5.0 <= Sql Injection vuln

Vendor : www.vwar.de

Vuln. Ver. : 1.5.0 and lower

Dork : "Powered by : Virtual War v1.5.0"

intext:"www.vwar.de"

-------------------------------------------

Author : MFox

Homepage : Www.HackerZ.iR

Www.H4ckerZ.Com

Iran HackerZ Security Team

-------------------------------------------

PoC :

http://[host]/vwar/news.php?sortby=[SQL]

http://[host]/vwar/news.php?sortorder=[SQL]

-------------------------------------------
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


Rating@Mail.ru
test server