MidnightBSD

Advisories for eliteladders

CVE-2010-5014 HIGH

SQL injection vulnerability in standings.php in Elite Gaming Ladders 3.5 allows remote attackers to execute arbitrary SQL commands via the ladder[id] parameter.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-89,

Products Affected

Vendor Product Version
eliteladders elite_gaming_ladders 3.5
CVE-2010-5016 HIGH

SQL injection vulnerability in matchdb.php in Elite Gaming Ladders 3.5 and earlier allows remote attackers to execute arbitrary SQL commands via the match parameter.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-89,

Products Affected

Vendor Product Version
eliteladders elite_gaming_ladders 3.0
eliteladders elite_gaming_ladders *
eliteladders elite_gaming_ladders 3.2
CVE-2010-5017 HIGH

SQL injection vulnerability in stats.php in Elite Gaming Ladders 3.0 allows remote attackers to execute arbitrary SQL commands via the account parameter.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-89,

Products Affected

Vendor Product Version
eliteladders elite_gaming_ladders 3.0