CVE-2006-4142 Information

Description

SQL injection vulnerability in extra/online.php in Virtual War (VWar) 1.5.0 R14 and earlier allows remote attackers to execute arbitrary SQL commands via the n parameter.

Reference

http://securityreason.com/securityalert/1384 http://www.attrition.org/pipermail/vim/2007-April/001519.html http://www.securityfocus.com/archive/1/442989/100/0/threaded http://www.securityfocus.com/bid/19472 http://www.vwar.de/ https://exchange.xforce.ibmcloud.com/vulnerabilities/28323 https://www.exploit-db.com/exploits/2170