exploitDog

GHSA-4vcg-74p8-q3gx

Опубликовано: 01 мая 2022

Источник: github

Github: Не прошло ревью

Описание

Multiple SQL injection vulnerabilities in war.php in Virtual War (VWar) 1.5.0 R14 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) s, (2) showgame, (3) sortorder, and (4) sortby parameters.

Multiple SQL injection vulnerabilities in war.php in Virtual War (VWar) 1.5.0 R14 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) s, (2) showgame, (3) sortorder, and (4) sortby parameters.

Ссылки

EPSS

Процентиль: 79%

0.01314

Низкий

CVE ID

Дефекты

CWE-89

Связанные уязвимости

CVE-2006-3139

nvd

больше 19 лет назад

Multiple SQL injection vulnerabilities in war.php in Virtual War (VWar) 1.5.0 R14 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) s, (2) showgame, (3) sortorder, and (4) sortby parameters.

EPSS

Процентиль: 79%

0.01314

Низкий

CVE ID

Дефекты

CWE-89