Vulnerabilities > Vwar > Virtual WAR > 1.5.0.r13
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-08-14 | CVE-2006-4142 | SQL Injection vulnerability in VWar Virtual WAR SQL injection vulnerability in extra/online.php in Virtual War (VWar) 1.5.0 R14 and earlier allows remote attackers to execute arbitrary SQL commands via the n parameter. | 7.5 |
2006-06-22 | CVE-2006-3139 | SQL Injection vulnerability in Vwar Virtual WAR Multiple SQL injection vulnerabilities in war.php in Virtual War (VWar) 1.5.0 R14 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) s, (2) showgame, (3) sortorder, and (4) sortby parameters. | 7.5 |