VYPR

Ewebquiz

by Activewebsoftwares

CVEs (4)

  • CVE-2010-2359Jun 21, 2010
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in eWebQuiz.asp in ActiveWebSoftwares.com eWebquiz 8 allows remote attackers to execute arbitrary SQL commands via the QuizType parameter, a different vector than CVE-2007-1706.

  • CVE-2009-4436Dec 28, 2009
    risk 0.03cvss epss 0.01

    Multiple SQL injection vulnerabilities in Active Web Softwares eWebquiz 8 allow remote attackers to execute arbitrary SQL commands via the QuizID parameter to (1) questions.asp, (2) importquestions.asp, and (3) quiztakers.asp, different vectors than CVE-2007-1706.

  • CVE-2008-5631Dec 17, 2008
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in start.asp in Active eWebquiz 8.0 allows remote attackers to execute arbitrary SQL commands via the (1) useremail parameter (aka username field) or the (2) password parameter. NOTE: some of these details are obtained from third party information.

  • CVE-2007-1706Mar 27, 2007
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in eWebQuiz.asp in eWebQuiz 8 allows remote attackers to execute arbitrary SQL commands via the QuizID parameter.