- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 10930
- Проверка EDB
-
- Пройдено
- Автор
- SORA
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- cve-2010-0980
- Дата публикации
- 2010-01-02
Код:
----------------------------------
> Left 4 Dead Stats SQL Injection Vulnerability
> Author: Sora
> Contact: vhr95zw [at] hotmail [dot] com
> Website: http://greyhathackers.wordpress.com/
> Google Dork: "In your dreams, script kiddies."
# VULNERABILITY DESCRIPTION:
Left 4 Dead Stats suffers from a remote SQL injection vulnerability in player.php.
# VULNERABILITY SOLUTION:
The owner of the website can sanitize the database inputs.
# Proof of Concept: http://www.site.com/l4dstats/player.php?steamid='
# Greetz: Bw0mp, Popc0rn, Xermes, T3eS, Timeb0mb, [H]aruhiSuzumiya, Revelation, and Max Mafiotu.- Источник
- www.exploit-db.com
