Description
SQL injection vulnerability in team.php in Posse Softball Director CMS allows remote attackers to execute arbitrary SQL commands via the idteam parameter.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Easy Laster · textwebappsphp
https://www.exploit-db.com/exploits/18320
References (4)
Core 4
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/72135
Exploit vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/51299
Exploit exploit
x_refsource_exploit-db
http://www.exploit-db.com/exploits/18320
Exploit vdb-entry
x_refsource_osvdb
http://www.osvdb.org/82483
Scores
EPSS
0.0020
EPSS Percentile
41.3%
Details
CWE
CWE-89
Status
published
Products (1)
possesports/posse_softball_director_cms
Published
Oct 04, 2012
Tracked Since
Feb 18, 2026