SQL Injection Vulnerability in Virtual War (VWar) 1.6.1 R2 - Remote Code Execution via ratearticleselect Parameter

SQL Injection Vulnerability in Virtual War (VWar) 1.6.1 R2 - Remote Code Execution via ratearticleselect Parameter

CVE-2010-5063 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

SQL injection vulnerability in article.php in Virtual War (aka VWar) 1.6.1 R2 allows remote attackers to execute arbitrary SQL commands via the ratearticleselect parameter.

Learn more about our Web Application Penetration Testing UK.