VWar 1.6.1 R2 Multiple Remote Vulnerabilities

VWar is prone to multiple remote vulnerabilities, including:

- Multiple HTML-injection vulnerabilities
- An SQL-injection vulnerability
- An unauthorized-access vulnerability
- A vulnerability that allows attackers to brute-force authentication credentials

An attacker can exploit these issues to compromise the affected application, gain unauthorized access to the application, execute arbitrary script code, steal cookie-based authentication credentials, access or modify data, or exploit latent vulnerabilities in the underlying database. Other attacks are also possible.

VWar 1.6.1 R2 is vulnerable; other versions may also be affected.


Privacy Statement
Copyright 2010, SecurityFocus