ID EDB-ID:13936
Type exploitdb
Reporter ahwak2000
Modified 2010-06-19T00:00:00
Description
Elite Gaming Ladders v3.5 SQL Injection Vulnerability (ladder[id]). CVE-2010-5014. Webapps exploit for php platform
[-] Elite Gaming Ladders v3.5 SQL Injection Vulnerability [-]
---Date : 2010-06-19
---Author : ahwak2000
---Email : z.u5[at]hotmail.com
[-] Script Info [-]
---Home : http://eliteladders.com/
[-] Vulnerability [-]
http://site.com/[path]/standings.php?ladder[id]=[SQL INj]
{"hash": "dfb0f6c867087a9075eab78d7ecdd37a6d42aa48347a5f91b8e8a00779e6da02", "id": "EDB-ID:13936", "lastseen": "2016-02-01T18:48:30", "enchantments": {"score": {"value": 5.0, "vector": "NONE"}, "vulnersScore": 5.0}, "bulletinFamily": "exploit", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "edition": 1, "history": [], "type": "exploitdb", "sourceHref": "https://www.exploit-db.com/download/13936/", "description": "Elite Gaming Ladders v3.5 SQL Injection Vulnerability (ladder[id]). CVE-2010-5014. Webapps exploit for php platform", "title": "Elite Gaming Ladders 3.5 - SQL Injection Vulnerability ladderid", "sourceData": "[-] Elite Gaming Ladders v3.5 SQL Injection Vulnerability [-]\r\n\r\n\r\n---Date : 2010-06-19\r\n---Author : ahwak2000\r\n---Email : z.u5[at]hotmail.com\r\n[-] Script Info [-]\r\n---Home : http://eliteladders.com/\r\n\r\n[-] Vulnerability [-]\r\n\r\n\r\nhttp://site.com/[path]/standings.php?ladder[id]=[SQL INj]", "objectVersion": "1.0", "cvelist": ["CVE-2010-5014"], "viewCount": 1, "published": "2010-06-19T00:00:00", "osvdbidlist": ["76890"], "references": [], "reporter": "ahwak2000", "modified": "2010-06-19T00:00:00", "href": "https://www.exploit-db.com/exploits/13936/"}
{"cve": [{"lastseen": "2017-08-29T11:19:05", "references": ["http://www.exploit-db.com/exploits/13936", "https://exchange.xforce.ibmcloud.com/vulnerabilities/59577", "http://www.securityfocus.com/bid/40981"], "description": "SQL injection vulnerability in standings.php in Elite Gaming Ladders 3.5 allows remote attackers to execute arbitrary SQL commands via the ladder[id] parameter.", "edition": 2, "reporter": "NVD", "published": "2011-11-02T17:55:01", "title": "CVE-2010-5014", "type": "cve", "enchantments": {"score": {"modified": "2017-08-29T11:19:05", "vector": "NONE", "value": 7.5}}, "assessment": {"system": "", "name": "", "href": ""}, "bulletinFamily": "NVD", "cvelist": ["CVE-2010-5014"], "scanner": [], "modified": "2017-08-28T21:29:10", "cpe": ["cpe:/a:eliteladders:elite_gaming_ladders:3.5"], "id": "CVE-2010-5014", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-5014", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}]}
