Vulnerabilities > CVE-2006-4978 - Unspecified vulnerability in Walter Beschmout PHPquiz

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN
walter-beschmout
exploit available

Summary

Multiple SQL injection vulnerabilities in Walter Beschmout PhpQuiz 1.2 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the univers parameter in score.php and (2) the quiz_id parameter in home.php, accessed through the front/ URI.

Vulnerable Configurations

Part Description Count
Application
Walter_Beschmout
1

Exploit-Db

descriptionphpQuiz <= 0.1.2 Remote SQL Injection / Code Execution Exploit. CVE-2006-4865,CVE-2006-4977,CVE-2006-4978,CVE-2006-4979. Webapps exploit for php platform
fileexploits/php/webapps/2376.pl
idEDB-ID:2376
last seen2016-01-31
modified2006-09-16
platformphp
port
published2006-09-16
reportersimo64
sourcehttps://www.exploit-db.com/download/2376/
titlephpQuiz <= 0.1.2 - Remote SQL Injection / Code Execution Exploit
typewebapps