Vulnerabilities (CVE)

Filtered by vendor Vwar Subscribe
Filtered by product Virtual War
Total 22 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2006-1503 1 Vwar 1 Virtual War 2024-11-21 5.1 MEDIUM N/A
PHP remote file inclusion vulnerability in includes/functions_install.php in Virtual War (VWar) 1.5.0 R11 and earlier allows remote attackers to include and execute arbitrary PHP code via a URL in the vwar_root parameter. NOTE: this is a different vulnerability than CVE-2006-1636.
CVE-2005-4748 1 Vwar 1 Virtual War 2024-11-21 6.8 MEDIUM N/A
PHP remote file include vulnerability in functions_admin.php in Virtual War (VWar) 1.5.0 R10 allows remote attackers to include and execute arbitrary PHP code via unspecified attack vectors. NOTE: this issue has been referred to as XSS, but it is clear from the vendor description that it is a file inclusion problem.