Vulnerabilities > CVE-2006-4979 - Remote Security vulnerability in Phpquiz

047910
CVSS 5.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
PARTIAL
Availability impact
NONE
network
low complexity
walter-beschmout
exploit available

Summary

Direct static code injection vulnerability in cfgphpquiz/install.php in Walter Beschmout PhpQuiz 1.2 and earlier allows remote attackers to inject arbitrary PHP code in config.inc.php via modified configuration settings.

Vulnerable Configurations

Part Description Count
Application
Walter_Beschmout
1

Exploit-Db

descriptionphpQuiz <= 0.1.2 Remote SQL Injection / Code Execution Exploit. CVE-2006-4865,CVE-2006-4977,CVE-2006-4978,CVE-2006-4979. Webapps exploit for php platform
fileexploits/php/webapps/2376.pl
idEDB-ID:2376
last seen2016-01-31
modified2006-09-16
platformphp
port
published2006-09-16
reportersimo64
sourcehttps://www.exploit-db.com/download/2376/
titlephpQuiz <= 0.1.2 - Remote SQL Injection / Code Execution Exploit
typewebapps