Virtual War v1.5.0 SQL injection and XSS

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Virtual War v1.5.0 SQL injection and XSS

http://[host]/vwar/war.php?s=[SQL]
http://[host]/vwar/war.php?page=[SQL]or[xss]
http://[host]/vwar/war.php?showgame=[SQL]
http://[host]/vwar/war.php?sortby=[sql]
http://[host]/vwar/war.php?sortorder=[sql]
http://host]/vwar/calendar.php?year=[xss]

vendor: www.vwar.de

google:"Powered by: Virtual War v1.5.0"

Discovered by Vampire

Connect Me : Vampire_chiristof@xxxxxxxxx
[Index of Archives]     [Linux Security]     [Netfilter]     [PHP]     [Yosemite News]     [Linux Kernel]

  Powered by Linux