Vulnerabilities > Activewebsoftwares > Ewebquiz > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2010-06-21 | CVE-2010-2359 | SQL Injection vulnerability in Activewebsoftwares Ewebquiz 8.0 SQL injection vulnerability in eWebQuiz.asp in ActiveWebSoftwares.com eWebquiz 8 allows remote attackers to execute arbitrary SQL commands via the QuizType parameter, a different vector than CVE-2007-1706. | 7.5 |
2009-12-28 | CVE-2009-4436 | SQL Injection vulnerability in Activewebsoftwares Ewebquiz 8.0 Multiple SQL injection vulnerabilities in Active Web Softwares eWebquiz 8 allow remote attackers to execute arbitrary SQL commands via the QuizID parameter to (1) questions.asp, (2) importquestions.asp, and (3) quiztakers.asp, different vectors than CVE-2007-1706. | 7.5 |