This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Wowroster First view 2006-08-04
Product Wowroster Last view 2006-08-04
Version 1.5.1 Type Application
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:a:wowroster:wowroster

Activity : Overall

Related : CVE

  Date Alert Description
7.5 2006-08-04 CVE-2006-3998

PHP remote file inclusion vulnerability in conf.php in WoWRoster (aka World of Warcraft Roster) 1.5.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the subdir parameter.

7.5 2006-08-04 CVE-2006-3997

PHP remote file inclusion vulnerability in hsList.php in WoWRoster (aka World of Warcraft Roster) 1.5.x and earlier allows remote attackers to execute arbitrary PHP code via a URL in the subdir parameter.

Open Source Vulnerability Database (OSVDB)

id Description
27759 WoWRoster conf.php subdir Parameter Remote File Inclusion
27758 WoWRoster hsList.php subdir Parameter Remote File Inclusion

Snort® IPS/IDS

Date Description
2014-01-10 WoW Roster remote file include with hslist.php and conf.php attempt
RuleID : 20728 - Type : SERVER-WEBAPP - Revision : 7