LeagueManager 3.8 SQL Injection Exploit

This vulnerability in wordpress LeagueManager 3.8 plugin was posted at Packet Storm Security on March 15. A fix is included in the script.

Author: @jershmagersh

Usage: ruby LeagueManagerSQLI.rb “http://example.com” “/wordpress”

Download: http://dl.packetstormsecurity.net/1303-exploits/LeagueManagerSQLI.rb.txt. Save it as LeagueManagerSQLI.rb and run:

ruby LeagueManagerSQLI.rb 

for help.