Vulnerabilities > THE WAR Forge

DATE	CVE	VULNERABILITY TITLE	RISK
2007-02-12	CVE-2006-6996	Cross-Site Scripting vulnerability in the WAR Forge Warforge.News 1.0 Multiple cross-site scripting (XSS) vulnerabilities in warforge.NEWS 1.0 allow remote attackers to inject arbitrary HTML and web script via the (1) title and (2) newspost parameters to (a) newsadd.php, and the (3) name, title, and (4) comment parameters to (b) news.php, a different set of vectors than CVE-2006-1818. network the-war-forge	4.3
2006-04-18	CVE-2006-1818	Input Validation vulnerability in the WAR Forge Warforge.News 1.0 Multiple cross-site scripting (XSS) vulnerabilities in warforge.NEWS 1.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly including the (1) first_name and (2) last_name parameter in myaccounts.php. network high complexity the-war-forge	2.6
2006-04-18	CVE-2006-1817	Input Validation vulnerability in the WAR Forge Warforge.News 1.0 SQL injection vulnerability in authcheck.php in warforge.NEWS 1.0, with magic_quotes_gpc disabled, allows remote attackers to execute arbitrary SQL commands via the (1) authusername and possibly the (2) authpassword cookie. network high complexity the-war-forge	2.6

Vulnerabilities > THE WAR Forge {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"THE WAR Forge"}]}