PHP remote file inclusion vulnerability in includes/functions_install.php in Virtual War (VWar) 1.5.0 R11 and earlier allows remote attackers to include and execute arbitrary PHP code via a URL in the vwar_root parameter. NOTE: this is a different vulnerability than CVE-2006-1636.
References
Configurations
Configuration 1 (hide)
|
Information
Published : 2006-03-29 17:06
Updated : 2018-10-18 09:32
NVD link : CVE-2006-1503
Mitre link : CVE-2006-1503
JSON object : View
CWE
CWE-94
Improper Control of Generation of Code ('Code Injection')
Products Affected
vwar
- virtual_war