NuytsTech Security

CVE-2006-3139

by ·

Multiple SQL injection vulnerabilities in war.php in Virtual War (VWar) 1.5.0 R14 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) s, (2) showgame, (3) sortorder, and (4) sortby parameters.

Date published : 2006-06-22

http://www.securityfocus.com/bid/27772

http://www.securityfocus.com/archive/1/443171/100/0/threaded

Tags: