Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Vwar Subscribe
Total 22 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2006-2091 1 Vwar 1 Virtual War 2025-04-03 5.0 MEDIUM N/A
admin.php in Virtual War (VWar) 1.5 and versions before 1.2 allows remote attackers to obtain sensitive information via an invalid vwar_root parameter, which reveals the path in an error message.
CVE-2006-4009 1 Vwar 1 Virtual War 2025-04-03 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in war.php in Virtual War (Vwar) 1.5.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the page parameter.