QwikSec

Security Database

CVE

CWE

Training

CVE-2006-1503

Published: Mar 30, 2006

Modified: Aug 7, 2024

PUBLISHED

Description

PHP remote file inclusion vulnerability in includes/functions_install.php in Virtual War (VWar) 1.5.0 R11 and earlier allows remote attackers to include and execute arbitrary PHP code via a URL in the vwar_root parameter. NOTE: this is a different vulnerability than CVE-2006-1636.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

virtual-war-functionsinstall-file-include(25497)

vdb-entry

x_refsource_XF

vdb-entry

x_refsource_BID

20060328 VWar <= 1.5.0 R11 Remote Code Execution Exploit

mailing-list

x_refsource_BUGTRAQ

third-party-advisory

x_refsource_SECUNIA

vdb-entry

x_refsource_VUPEN

vdb-entry

x_refsource_OSVDB

20060403 Vendor ACK for VWar issue - VWar used by PhpNuke Clan

mailing-list

x_refsource_VIM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.