CVE-2008-6223

Way Of The Warrior 5.0 - Remote Code Execution via plancia Parameter

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2008-6223. PoCs published by dun.

AI-analyzed exploit summary This is a writeup detailing Local/Remote File Inclusion vulnerabilities in 'Way Of The Warrior' (wotw) version 5.0. It describes the vulnerable code in `visualizza.php` and `crea.php` but does not include functional exploit code.

Description

PHP remote file inclusion vulnerability in visualizza.php in Way Of The Warrior (WOTW) 5.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the plancia parameter to crea.php.

Exploits (1)

exploitdb WRITEUP VERIFIED

by dun · textwebappsphp

https://www.exploit-db.com/exploits/6992

View Code ZIP pw:eip

This is a writeup detailing Local/Remote File Inclusion vulnerabilities in 'Way Of The Warrior' (wotw) version 5.0. It describes the vulnerable code in `visualizza.php` and `crea.php` but does not include functional exploit code.

Classification

Writeup 100%

Attack Type

Info Leak

Complexity

Trivial

Reliability

Theoretical

Target: Way Of The Warrior (wotw) <= 5.0

No auth needed

Prerequisites: access to the vulnerable web application

MITRE ATT&CK

T1190 - Exploit Public-Facing Application

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4

Core References

Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/32515

Exploit, Third Party Advisory exploit x_refsource_exploit-db

https://www.exploit-db.com/exploits/6992

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/32115

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/46341

Scores

EPSS 0.0245

EPSS Percentile 82.3%

Details

CWE

CWE-94

Status published

Products (1)

wotw/way_of_the_warrior 5.0

Published Feb 20, 2009

Tracked Since Feb 18, 2026