Vwar · Virtual War · CVE-2008-0753
**Name of the Vulnerable Software and Affected Versions**
Virtual War (VWar) version 1.5
**Description**
The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `month` parameter in the "calendar.php" file.
**Recommendations**
For Virtual War (VWar) version 1.5, consider restricting access to the `calendar.php` file until a patch is available, and avoid using the `month` parameter in this context to minimize the risk of exploitation.