Vulnerabilities > Walter Beschmout
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-09-25 | CVE-2006-4979 | Remote Security vulnerability in Phpquiz Direct static code injection vulnerability in cfgphpquiz/install.php in Walter Beschmout PhpQuiz 1.2 and earlier allows remote attackers to inject arbitrary PHP code in config.inc.php via modified configuration settings. | 5.0 |
2006-09-25 | CVE-2006-4978 | Input Validation vulnerability in PHPQuiz Multiple SQL injection vulnerabilities in Walter Beschmout PhpQuiz 1.2 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the univers parameter in score.php and (2) the quiz_id parameter in home.php, accessed through the front/ URI. | 7.5 |
2006-09-25 | CVE-2006-4977 | Input Validation vulnerability in PHPQuiz Multiple unrestricted file upload vulnerabilities in (1) back/upload_img.php and (2) admin/upload_img.php in Walter Beschmout PhpQuiz 1.2 and earlier allow remote attackers to upload arbitrary PHP code to the phpquiz/img_quiz folder via the (a) upload, (b) ok_update, (c) image, and (d) path parameters, possibly requiring directory traversal sequences in the path parameter. | 5.0 |