Search: Home Bugtraq Vulnerabilities Mailing Lists Jobs Tools Beta Programs
BugTraq
Name:
Email:
*Note: Email address will appear as "user domain ext" to prevent harvesting.
Subject:
Message:
 
Virtual War v1.5.0 SQL injection and XSS Aug 14 2006 03:01PM
vampire_chiristof yahoo com
Virtual War v1.5.0 SQL injection and XSS

http://[host]/vwar/war.php?s=[SQL]

http://[host]/vwar/war.php?page=[SQL]or[xss]

http://[host]/vwar/war.php?showgame=[SQL]

http://[host]/vwar/war.php?sortby=[sql]

http://[host]/vwar/war.php?sortorder=[sql]

http://host]/vwar/calendar.php?year=[xss]

v...

[ more ]  




 

Privacy Statement
Copyright 2009, SecurityFocus