My Gaming Ladder v1.0 SQL Injection Vulnerability

# Exploit Title: My Gaming Ladder SQL Injection Vulnerability
# Date: January 4th, 2009
# Author: Sora
# Software Link:
# Version: 1.0
# Tested on: Windows and Linux
> MyGamingLadder SQL Injection Vulnerability
> Author: Sora
> Contact: vhr95zw [at] hotmail [dot] com
> Website:
> Google Dork: “In your dreams, script kiddies.”
> Cost of the program: $190.00 (wow!)

# Vulnerability Description:
My Gaming Ladder v1.0 suffers a remote SQL injection vulnerability in
the parameter “ladderid=” of ladder.php. The attacker can gain user cresedentials and deface
the vulnerable website. They will either infect the website, or they will deface it.

# Proof of Concept:′


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: