Arbitrary SQL Command Execution in DotA OpenStats 1.3.9 and Earlier
CVE-2011-5218 · HIGH Severity
AV:N/AC:L/AU:N/C:P/I:P/A:P
SQL injection vulnerability in DotA OpenStats 1.3.9 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php.
Learn more about our Web Application Penetration Testing UK.