VWar 1.6.1 R2 Multiple Remote Vulnerabilities
VWar is prone to multiple remote vulnerabilities, including:
- Multiple HTML-injection vulnerabilities
- An SQL-injection vulnerability
- An unauthorized-access vulnerability
- A vulnerability that allows attackers to brute-force authentication credentials
An attacker can exploit these issues to compromise the affected application, gain unauthorized access to the application, execute arbitrary script code, steal cookie-based authentication credentials, access or modify data, or exploit latent vulnerabilities in the underlying database. Other attacks are also possible.
VWar 1.6.1 R2 is vulnerable; other versions may also be affected.