PHP remote file include vulnerability in functions_admin.php in Virtual War (VWar) 1.5.0 R10 allows remote malicious users to include and execute arbitrary PHP code via unspecified attack vectors. NOTE: this issue has been referred to as XSS, but it is clear from the vendor description that it is a file inclusion problem.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
vwar virtual war 1.3 |
||
vwar virtual war 1.5.0_r10 |
||
vwar virtual war 1.4 |