[] NeoSense
E X P L O I T S
title author type platform port cve id

Left 4 Dead Stats 1.1 - SQL Injection

Author: Sora
type: webapps
platform: php
port: 
date_added: 2010-01-01 
date_updated:  
verified: 1 
codes: OSVDB-61472;CVE-2010-0980 
tags: 
aliases:  
screenshot_url:  
application_url: http://www.exploit-db.coml4d_stats_web.zip
----------------------------------
> Left 4 Dead Stats SQL Injection Vulnerability
> Author: Sora
> Contact: vhr95zw [at] hotmail [dot] com
> Website: http://greyhathackers.wordpress.com/
> Google Dork: "In your dreams, script kiddies."

# VULNERABILITY DESCRIPTION:
Left 4 Dead Stats suffers from a remote SQL injection vulnerability in player.php.

# VULNERABILITY SOLUTION:
The owner of the website can sanitize the database inputs.

# Proof of Concept: http://www.site.com/l4dstats/player.php?steamid='
# Greetz: Bw0mp, Popc0rn, Xermes, T3eS, Timeb0mb, [H]aruhiSuzumiya, Revelation, and Max Mafiotu.
Billing Policy . Cookies Policy . Conditions . Disclaimer . ICANN Policy . Legal Notice . Privacy Policy . Spam Policy . Usage Policy
Copyright © 2026 NEOSENSE. All rights reserved.