Multiple format string vulnerabilities in Babo Violent 2 2.08.00 and earlier allow remote attackers to execute arbitrary code via format string specifiers in (1) a message or (2) certain data associated with an admin login.
https://exchange.xforce.ibmcloud.com/vulnerabilities/36015
http://www.securityfocus.com/archive/1/476520/100/0/threaded
http://securityreason.com/securityalert/3024