CVE-2010-5014

EPSS 1.0%

SQL injection vulnerability in standings.php in Elite Gaming Ladders 3.5 allows remote attackers to execute arbitrary SQL commands via the ladder[id] parameter.

Affected products

n/a · n/a

public PoCs found — 2

cve_referencewww.exploit-db.com/exploits/13936unverified exploitdbwww.exploit-db.com/exploits/13936unverified

⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://secunia.com/advisories/36732 https://exchange.xforce.ibmcloud.com/vulnerabilities/59577 http://www.exploit-db.com/exploits/13936 http://www.securityfocus.com/bid/40981