|
Description
|
|
Some vulnerabilities have been reported in Elite Gaming Ladders, which can be exploited by malicious people to conduct SQL injection attacks.
1) Input passed to the "platform" parameter in ladders.php is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.
2) Input passed to the "account" parameter in stats.php is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.
3) Input passed to the "match" parameter in matchdb.php is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.
4) Input passed to the "ladder[id]" parameter in standings.php is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.
The vulnerabilities are reported in version 3.5. Other versions may also be affected.
|
|
|
|
|
|
Vulnerable Products
|
|
Vulnerable Software:
Elite Gaming Ladders 3.x
|
|
|
|
|
|
Solution
|
|
Edit the source code to ensure that input is properly sanitised.
|
|
|
|
|
|
CVE
|
|
CVE-2010-5017
CVE-2010-5016
CVE-2010-5014
CVE-2009-3314
|
|
|
|
|
|
References
|
|
1) http://www.milw0rm.com/exploits/9702
2) http://packetstormsecurity.org/1001-exploits/egl-sql.txt
|
|
|
|
|
|
Vulnerability Manager Detection
|
|
No
|
|
|
|
|
|
IPS Protection
|
|
|
|
|
|
|
