Vulnerability Description
SQL injection vulnerability in stats.php in Elite Gaming Ladders 3.0 allows remote attackers to execute arbitrary SQL commands via the account parameter.
CVSS Score
7.5
HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Eliteladders | Elite Gaming Ladders | 3.0 |
Related Weaknesses (CWE)
References
- http://secunia.com/advisories/36732Vendor Advisory
- http://www.exploit-db.com/exploits/10978Exploit
- http://www.securityfocus.com/bid/40163Exploit
- http://www.vupen.com/english/advisories/2010/0012Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/55335
- http://secunia.com/advisories/36732Vendor Advisory
- http://www.exploit-db.com/exploits/10978Exploit
- http://www.securityfocus.com/bid/40163Exploit
- http://www.vupen.com/english/advisories/2010/0012Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/55335
FAQ
What is CVE-2010-5017?
CVE-2010-5017 is a vulnerability with a CVSS score of 7.5 (HIGH). SQL injection vulnerability in stats.php in Elite Gaming Ladders 3.0 allows remote attackers to execute arbitrary SQL commands via the account parameter.
How severe is CVE-2010-5017?
CVE-2010-5017 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2010-5017?
Check the references section above for vendor advisories and patch information. Affected products include: Eliteladders Elite Gaming Ladders.