NuytsTech Security

CVE-2006-4141

by ·

SQL injection vulnerability in news.php in Virtual War (VWar) 1.5.0 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) sortby and (2) sortorder parameters.

Date published : 2006-08-14

http://www.securityfocus.com/archive/1/442880/100/0/threaded

http://securityreason.com/securityalert/1383

Tags: