header-logo
Suggest Exploit
vendor:
Left 4 Dead Stats
by:
Sora
7,5
CVSS
HIGH
SQL Injection
89
CWE
Product Name: Left 4 Dead Stats
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: NO
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
N/A

Left 4 Dead Stats SQL Injection Vulnerability

Left 4 Dead Stats suffers from a remote SQL injection vulnerability in player.php.

Mitigation:

The owner of the website can sanitize the database inputs.
Source

Exploit-DB raw data:

----------------------------------
> Left 4 Dead Stats SQL Injection Vulnerability
> Author: Sora
> Contact: vhr95zw [at] hotmail [dot] com
> Website: http://greyhathackers.wordpress.com/
> Google Dork: "In your dreams, script kiddies."

# VULNERABILITY DESCRIPTION:
Left 4 Dead Stats suffers from a remote SQL injection vulnerability in player.php.

# VULNERABILITY SOLUTION:
The owner of the website can sanitize the database inputs.

# Proof of Concept: http://www.site.com/l4dstats/player.php?steamid='
# Greetz: Bw0mp, Popc0rn, Xermes, T3eS, Timeb0mb, [H]aruhiSuzumiya, Revelation, and Max Mafiotu.

Navigation

Suggest Exploit

Services By CQR