Virtual War versions 1.5.0 and below suffer from SQL injection flaws.
4bab84d3f460570e3110ca4dc434816ca26bbc3298f5e072f7b7d8787d173b07
Vendor : www.vwar.de
Vuln. Ver. : 1.5.0 and lower
Dork : "Powered by : Virtual War v1.5.0"
intext:"www.vwar.de"
-------------------------------------------
Author : MFox
Homepage : Www.HackerZ.iR
Www.H4ckerZ.Com
Iran HackerZ Security Team
-------------------------------------------
PoC :
http://[host]/vwar/news.php?sortby=[SQL]
http://[host]/vwar/news.php?sortorder=[SQL]
-------------------------------------------