Computer Security

Security Advisory: Virtual War v1.5.0 SQL injection and XSS
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



Related information

  Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

  [SA21442] Invision Power Board Threaded View Mode Security Bypass

  BlaBla 4U XSS Vulnerabilite

  Wordpress WP-DB Backup Plugin Directory Traversal Vulnerability

  Peoplebook Mambo Component <= v1.0 Remote File Include Vulnerabilities

From:vampire_chiristof_(at)_yahoo.com <vampire_chiristof_(at)_yahoo.com>
Date:15.08.2006
Subject:Virtual War v1.5.0 SQL injection and XSS

Virtual War v1.5.0 SQL injection and XSS

http://[host]/vwar/war.php?s=[SQL]
http://[host]/vwar/war.php?page=[SQL]or[xss]
http://[host]/vwar/war.php?showgame=[SQL]
http://[host]/vwar/war.php?sortby=[sql]
http://[host]/vwar/war.php?sortorder=[sql]
http://host]/vwar/calendar.php?year=[xss]

vendor: www.vwar.de

google:"Powered by: Virtual War v1.5.0"

Discovered by Vampire

Connect Me : Vampire_chiristof@yahoo.com

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


Rating@Mail.ru
test server