WordPress LeagueManager Plugin 'league_id' Parameter SQL Injection Vulnerability

Bugtraq ID:	58503
Class:	Input Validation Error
CVE:	CVE-2013-1852
Remote:	Yes
Local:	No
Published:	Mar 13 2013 12:00AM
Updated:	Mar 13 2013 12:00AM
Credit:	Joshua Reynolds
Vulnerable:	WordPress LeagueManager 3.8
Not Vulnerable:

WordPress LeagueManager Plugin 'league_id' Parameter SQL Injection Vulnerability

Attackers can use a browser to exploit this issue.

The following exploit is available:

• /data/vulnerabilities/exploits/58503.rb.txt

WordPress LeagueManager Plugin 'league_id' Parameter SQL Injection Vulnerability

References:

• WordPress Homepage (WordPress)