Lucene search

K
securityvulnsSecurityvulnsSECURITYVULNS:DOC:13858
HistoryAug 11, 2006 - 12:00 a.m.

Virtual War v1.5.0 <= Sql Injection vuln

2006-08-1100:00:00
vulners.com
24

Vendor : www.vwar.de

Vuln. Ver. : 1.5.0 and lower

Dork : "Powered by : Virtual War v1.5.0"

intext:"www.vwar.de"


Author : MFox

Homepage : Www.HackerZ.iR

Www.H4ckerZ.Com

Iran HackerZ Security Team


PoC :

http://[host]/vwar/news.php?sortby=[SQL]

http://[host]/vwar/news.php?sortorder=[SQL]