Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
war vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2010-5067
Virtual War (aka VWar) 1.6.1 R2 uses static session cookies that depend only on a user's password, which makes it easier for remote malicious users to bypass timeout and logout actions, and retain access for a long period of time, by leveraging knowledge of a session cookie.
Vwar Virtual War 1.6.1
NA
CVE-2010-5064
Multiple cross-site scripting (XSS) vulnerabilities in Virtual War (aka VWar) 1.6.1 R2 allow remote malicious users to inject arbitrary web script or HTML via (1) the Additional Information field to challenge.php, the (2) Additional Information or (3) Contact information field to...
Vwar Virtual War 1.6.1
NA
CVE-2010-5065
popup.php in Virtual War (aka VWar) 1.6.1 R2 allows remote malicious users to bypass intended member restrictions and read news posts via a modified newsid parameter in a printnews action.
Vwar Virtual War 1.6.1
NA
CVE-2010-5279
article.php in Virtual War (aka VWar) 1.6.1 R2 allows remote malicious users to cause a denial of service (memory consumption) via a large integer in the ratearticleselect parameter.
Vwar Virtual War 1.6.1
NA
CVE-2001-0295
Directory traversal vulnerability in War FTP 1.67.04 allows remote malicious users to list directory contents and possibly read files via a "dir *./../.." command.
Jarle Aase War Ftpd 1.67b04
1 EDB exploit
NA
CVE-2007-4638
Blizzard Entertainment StarCraft Brood War 1.15.1 and previous versions allows remote malicious users to cause a denial of service (application crash) via a malformed map, which triggers an out-of-bounds read during a minimap preview.
Blizzard Entertainment Starcraft Brood War
1 EDB exploit
NA
CVE-2014-5957
The Alien War Survivors (aka com.ly.a13.gp) application 1.3.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle malicious users to spoof servers and obtain sensitive information via a crafted certificate.
Linkyungame Alien War Survivors 1.3.1
NA
CVE-2006-6996
Multiple cross-site scripting (XSS) vulnerabilities in warforge.NEWS 1.0 allow remote malicious users to inject arbitrary HTML and web script via the (1) title and (2) newspost parameters to (a) newsadd.php, and the (3) name, title, and (4) comment parameters to (b) news.php, a d...
The War Forge Warforge.news 1.0
NA
CVE-2005-1718
Buffer overflow in LS Games War Times 1.03 and previous versions allows remote malicious users to cause a denial of service (server crash) via a long nickname.
Ls Games War Times 1.03
1 EDB exploit
NA
CVE-2006-1817
SQL injection vulnerability in authcheck.php in warforge.NEWS 1.0, with magic_quotes_gpc disabled, allows remote malicious users to execute arbitrary SQL commands via the (1) authusername and possibly the (2) authpassword cookie.
The War Forge Warforge.news 1.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23692
CVE-2012-1823
memory leak
CVE-2024-0627
CVE-2024-31402
privilege escalation
CVE-2024-36418
remote code execution
CVE-2024-27844
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »