header-logo
Suggest Exploit
vendor:
Elite Gaming Ladders
by:
ahwak2000
9,3
CVSS
HIGH
SQL Injection
89
CWE
Product Name: Elite Gaming Ladders
Affected Version From: 3.0
Affected Version To: 3.5
Patch Exists: Yes
Related CWE: N/A
CPE: a:eliteladders:elite_gaming_ladders:3.0
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows
2010

Elite Gaming Ladders v3.5 SQL Injection Vulnerability

The vulnerability is caused due to the 'ladder[id]' parameter not being sanitized properly and it allows an attacker to inject or manipulate SQL queries.

Mitigation:

Upgrade to the latest version of Elite Gaming Ladders v3.5.
Source

Exploit-DB raw data:

[-] Elite Gaming Ladders v3.5 SQL Injection Vulnerability [-]


---Date : 2010-06-19
---Author : ahwak2000
---Email : z.u5[at]hotmail.com
[-] Script Info [-]
---Home : http://eliteladders.com/

[-] Vulnerability [-]


http://site.com/[path]/standings.php?ladder[id]=[SQL INj]

Navigation

Suggest Exploit

Services By CQR