Bugtraq mailing list archives

Virtual War v1.5.0 <= Sql Injection vuln.

From: mfoxhacker () gmail com
Date: 9 Aug 2006 15:55:47 -0000

Vendor : www.vwar.de
Vuln. Ver. : 1.5.0 and lower
Dork : "Powered by : Virtual War v1.5.0"
       intext:"www.vwar.de"
-------------------------------------------
Author : MFox
Homepage : Www.HackerZ.iR
           Www.H4ckerZ.Com
Iran HackerZ Security Team
-------------------------------------------
PoC : 
http://[host]/vwar/news.php?sortby=[SQL]
http://[host]/vwar/news.php?sortorder=[SQL]
-------------------------------------------

Current thread:

Virtual War v1.5.0 <= Sql Injection vuln. mfoxhacker (Aug 10)