Summary
Detail | |||
---|---|---|---|
Vendor | Wowroster | First view | 2006-08-04 |
Product | Wowroster | Last view | 2006-08-04 |
Version | 1.5.1 | Type | Application |
Update | * | ||
Edition | * | ||
Language | * | ||
Sofware Edition | * | ||
Target Software | * | ||
Target Hardware | * | ||
Other | * | ||
CPE Product | cpe:2.3:a:wowroster:wowroster |
Activity : Overall
Related : CVE
Date | Alert | Description | |
---|---|---|---|
7.5 | 2006-08-04 | CVE-2006-3998 | PHP remote file inclusion vulnerability in conf.php in WoWRoster (aka World of Warcraft Roster) 1.5.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the subdir parameter. |
7.5 | 2006-08-04 | CVE-2006-3997 | PHP remote file inclusion vulnerability in hsList.php in WoWRoster (aka World of Warcraft Roster) 1.5.x and earlier allows remote attackers to execute arbitrary PHP code via a URL in the subdir parameter. |
Open Source Vulnerability Database (OSVDB)
id | Description |
---|---|
27759 | WoWRoster conf.php subdir Parameter Remote File Inclusion |
27758 | WoWRoster hsList.php subdir Parameter Remote File Inclusion |
Snort® IPS/IDS
Date | Description |
---|---|
2014-01-10 | WoW Roster remote file include with hslist.php and conf.php attempt RuleID : 20728 - Type : SERVER-WEBAPP - Revision : 7 |