Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2010-5064


Vulnerability Score 4.3 4.3
CVE Id CVE-2010-5064
Last Modified 08 Oct 2012 12:00:00
Published 08 Oct 2012 06:47:44
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE



Multiple cross-site scripting (XSS) vulnerabilities in Virtual War (aka VWar) 1.6.1 R2 allow remote attackers to inject arbitrary web script or HTML via (1) the Additional Information field to challenge.php, the (2) Additional Information or (3) Contact information field to joinus.php, (4) the War Report field to admin/admin.php in a finishwar action, or (5) the Nick field to profile.php.

Vulnerable Systems


  • Vwar Virtual War 1.6.1


FULLDISC - 20100822 VWar 1.6.1 R2 Multiple Remote Vulnerabilities


Last Updated: 27 May 2016 11:00:52