CVE-2010-5016
Published 2011-11-02
CVE-2010-5016: SQL injection vulnerability in matchdb.php in Elite Gaming Ladders 3.5 and earlier allows remote attackers to execute arbitrary SQL commands via the match…
Priority P3 · 46 · high · 7.5 (CVSS 2.0)
AV:N/AC:L/Au:N/C:P/I:P/A:P
EXPLOIT
EPSS: 1.01% (58.9th percentile)
SQL injection vulnerability in matchdb.php in Elite Gaming Ladders 3.5 and earlier allows remote attackers to execute arbitrary SQL commands via the match parameter.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| eliteladders | elite_gaming_ladders | <= 3.5 | — |
| eliteladders | elite_gaming_ladders | — | — |
| eliteladders | elite_gaming_ladders | — | — |
CVSS provenance
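| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v2.0 | 7.5 | HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
| vendor_redhat | — | 6.8 | MEDIUM | — |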
GHSA
GHSA-4ghq-f6gr-qp9c: SQL injection vulnerability in matchdb
ghsa_unreviewed·2022-05-17
CVE-2010-5016 [HIGH] CWE-89 GHSA-4ghq-f6gr-qp9c: SQL injection vulnerability in matchdb
SQL injection vulnerability in matchdb.php in Elite Gaming Ladders 3.5 and earlier allows remote attackers to execute arbitrary SQL commands via the match parameter.
Red Hat
php: XSS and SQL injection bypass via crafted overlong UTF-8 encoded string
vendor_redhat·2009-09-27·CVSS 6.8
CVE-2009-5016 [MEDIUM] CWE-79 php: XSS and SQL injection bypass via crafted overlong UTF-8 encoded string
Integer overflow in the xml_utf8_decode function in ext/xml/xml.c in PHP before 5.2.11 makes it easier for remote attackers to bypass cross-site scripting (XSS) and SQL injection protection mechanisms via a crafted string that uses overlong UTF-8 encoding, a different vulnerability than CVE-2010-3870.
No detection rules found.
http://secunia.com/advisories/36732
http://www.exploit-db.com/exploits/12158
http://www.securityfocus.com/bid/39625
https://exchange.xforce.ibmcloud.com/vulnerabilities/57763
Published: 2011-11-02