[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Virtual War v1.5.0 <= Sql Injection vuln.

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Virtual War v1.5.0 <= Sql Injection vuln.
From: mfoxhacker@xxxxxxxxx
Date: 9 Aug 2006 15:55:47 -0000

Vendor : www.vwar.de
Vuln. Ver. : 1.5.0 and lower
Dork : "Powered by : Virtual War v1.5.0"
       intext:"www.vwar.de"
-------------------------------------------
Author : MFox
Homepage : Www.HackerZ.iR
           Www.H4ckerZ.Com
Iran HackerZ Security Team
-------------------------------------------
PoC : 
http://[host]/vwar/news.php?sortby=[SQL]
http://[host]/vwar/news.php?sortorder=[SQL]
-------------------------------------------

Prev by Date: Compersus ASP shopping cart <= DataBase Downloading vuln.
Next by Date: XennoBB <= "avatar gallery" Directory Transversal
Previous by thread: Compersus ASP shopping cart <= DataBase Downloading vuln.
Next by thread: XennoBB <= "avatar gallery" Directory Transversal
Index(es):
- Date
- Thread