CVE-2018-25207
Description
Online Quiz Maker 1.0 contains SQL injection vulnerabilities in the catid and usern parameters that allow authenticated attackers to execute arbitrary SQL commands. Attackers can submit malicious POST requests to quiz-system.php or add-category.php with crafted SQL payloads in POST parameters to extract sensitive database information or bypass authentication.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Online Quiz Maker 1.0 is vulnerable to SQL injection in the catid and usern parameters, enabling authenticated attackers to execute arbitrary SQL commands and extract database information.
Online Quiz Maker 1.0 contains SQL injection vulnerabilities in the catid parameter of quiz-system.php and the usern parameter of add-category.php. The application fails to properly sanitize user input in these POST parameters, allowing attackers to inject malicious SQL queries that are executed against the backend database [1][2].
An authenticated attacker can exploit these flaws by sending crafted POST requests to the vulnerable endpoints. For example, the catid parameter supports boolean-based blind, time-based blind, and UNION-based injection techniques, enabling incremental data extraction. The usern parameter in the admin login panel can be abused to bypass authentication entirely [1].
Successful exploitation allows an attacker to execute arbitrary SQL commands, potentially leading to full database compromise. Sensitive information such as user credentials, session tokens, and other application data can be extracted. Moreover, authentication bypass via the usern parameter can grant administrative access, escalating the attacker's privileges [2].
As of the advisory publication date, no official patch has been released for Online Quiz Maker 1.0. Users are advised to upgrade to a supported version or implement strong input validation, prepared statements, and least-privilege database accounts to mitigate the risk [1][2].
AI Insight generated on May 18, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
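One way to apply the input validation and prepared statements recommended above to the catid and usern parameters, as an added PHP example that is not Online Quiz Maker's code and not part of the advisory. The table and column names, both function names and the in-memory SQLite database are assumptions chosen so that it runs offline (PHP 8 with pdo_sqlite).

```php
<?php
// Added example, not Online Quiz Maker's code. Schema, function names and the
// in-memory SQLite database are assumptions so that it runs offline (PHP 8+).
declare(strict_types=1);

$pdo = new PDO('sqlite::memory:', null, null, [PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION]);
$pdo->exec('CREATE TABLE questions (id INTEGER PRIMARY KEY, catid INTEGER, body TEXT)');
$pdo->exec('CREATE TABLE admins (usern TEXT PRIMARY KEY, pass_hash TEXT)');
$pdo->exec("INSERT INTO questions (catid, body) VALUES (1, 'constructed sample question')");
$pdo->prepare('INSERT INTO admins VALUES (?, ?)')
    ->execute(['admin', password_hash('constructed-sample-pw', PASSWORD_DEFAULT)]);

// catid: accept only a positive integer, then bind it as an integer.
function questionsForCategory(PDO $pdo, mixed $catid): ?array
{
    $id = filter_var($catid, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    if ($id === false) {
        return null; // invalid input: the caller should answer HTTP 400
    }
    $stmt = $pdo->prepare('SELECT id, body FROM questions WHERE catid = :catid');
    $stmt->bindValue(':catid', $id, PDO::PARAM_INT);
    $stmt->execute();
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// usern: fetch the row by bound value, then verify the password hash in PHP,
// so the SQL text never changes with the input.
function adminLogin(PDO $pdo, mixed $usern, mixed $password): bool
{
    if (!is_string($usern) || !is_string($password)) {
        return false; // e.g. usern[]=x arrives as an array
    }
    $stmt = $pdo->prepare('SELECT pass_hash FROM admins WHERE usern = :usern');
    $stmt->execute([':usern' => $usern]);
    $hash = $stmt->fetchColumn();
    return is_string($hash) && password_verify($password, $hash);
}

// Constructed inputs: well-formed values, then values with a quote or trailing text.
var_dump(questionsForCategory($pdo, '1'));
var_dump(questionsForCategory($pdo, '1 abc'));
var_dump(adminLogin($pdo, 'admin', 'constructed-sample-pw'));
var_dump(adminLogin($pdo, "adm'in", 'constructed-sample-pw'));
```

With a MySQL DSN, also set PDO::ATTR_EMULATE_PREPARES to false so the server performs the binding, and connect with a database account limited to the statements these handlers need.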
Affected products
- Range: =1.0
Patches
No patches discovered yet.
References (4)