Galaxy Forces MMORPG SQL Injection Vulnerability
Vulnerability
A SQL injection vulnerability has been identified in Galaxy Forces MMORPG version 0.5.8. This vulnerability allows authenticated attackers to execute arbitrary SQL queries by injecting malicious payloads through the 'type' parameter in POST requests to ads.php. Exploitation of this vulnerability could lead to the extraction of sensitive database information, including usernames, database names, and version details.
Impact
Successful exploitation lets an authenticated attacker execute arbitrary SQL commands and potentially access or manipulate database information.
Reproduction
To reproduce this vulnerability, send a POST request to ads.php with the 'type' parameter containing a crafted SQL payload. The injection can be verified by extracting database information such as usernames and version details.
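One way the 'type' value could be validated and bound instead of concatenated, as an added example that is not Galaxy Forces code. The table and column names, the function names, and the assumption that 'type' is a small integer category id are hypothetical, and an in-memory SQLite database (requires the pdo_sqlite extension) stands in for the game's database.

```php
<?php
// Added example: hypothetical handler logic, not the Galaxy Forces source.
// Constructed in-memory table standing in for the application's database.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE ads (id INTEGER PRIMARY KEY, type INTEGER, title TEXT)');
$pdo->exec("INSERT INTO ads (type, title) VALUES
    (1, 'Fleet for sale'), (2, 'Alliance recruiting'), (2, 'Ore wanted')");

// Vulnerable pattern: the POSTed value becomes part of the SQL text,
// so anything after the number is parsed as SQL.
function ads_by_type_unsafe(PDO $pdo, string $type): array
{
    $sql = "SELECT id, title FROM ads WHERE type = $type";
    return $pdo->query($sql)->fetchAll(PDO::FETCH_ASSOC);
}

// Hardened pattern: validate against the expected shape, then bind.
function ads_by_type_safe(PDO $pdo, string $type): array
{
    // Assumption: 'type' is an integer category id between 1 and 99.
    $id = filter_var($type, FILTER_VALIDATE_INT,
        ['options' => ['min_range' => 1, 'max_range' => 99]]);
    if ($id === false) {
        throw new InvalidArgumentException('invalid type');
    }
    // The value travels as a bound parameter and is never parsed as SQL.
    $stmt = $pdo->prepare('SELECT id, title FROM ads WHERE type = :type');
    $stmt->bindValue(':type', $id, PDO::PARAM_INT);
    $stmt->execute();
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Constructed inputs standing in for $_POST['type']: one legitimate value
// and one that changes the WHERE clause when concatenated.
foreach (['2', '2 OR 1=1'] as $input) {
    $unsafe = count(ads_by_type_unsafe($pdo, $input));
    try {
        $safe = count(ads_by_type_safe($pdo, $input)) . ' rows';
    } catch (InvalidArgumentException $e) {
        $safe = 'rejected';
    }
    printf("type=%-12s unsafe: %d rows | safe: %s\n",
        json_encode($input), $unsafe, $safe);
}
```

The bound parameter alone closes the injection; the range check additionally rejects malformed input before it reaches the database, which gives a clean point to log and alert on.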
