CVE-2010-3027
An SQL injection in Tycoon Baseball Script 1.0.9 (index.php) allows remote execution via the game_id parameter in a game_player action. This is reported across multiple sources (NVD, Red Hat, CVE List, PRION) with base CVSS2 score 7.5 (HIGH). The connected documents do not provide a patch or work...