SQL injection vulnerability in news.php in Virtual War (VWar) 1.5.0 and previous versions allows remote malicious users to execute arbitrary SQL commands via the (1) sortby and (2) sortorder parameters.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
vwar virtual war |