Walter Beschmout : Security Vulnerabilities, CVEs, CVSS score >= 5

CVE-2006-4979

Direct static code injection vulnerability in cfgphpquiz/install.php in Walter Beschmout PhpQuiz 1.2 and earlier allows remote attackers to inject arbitrary PHP code in config.inc.php via modified configuration settings.
Max CVSS
5.0
EPSS Score
4.59%
Published
2006-09-25
Updated
2018-10-17

CVE-2006-4978

Multiple SQL injection vulnerabilities in Walter Beschmout PhpQuiz 1.2 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the univers parameter in score.php and (2) the quiz_id parameter in home.php, accessed through the front/ URI.
Max CVSS
7.5
EPSS Score
0.91%
Published
2006-09-25
Updated
2018-10-17

CVE-2006-4977

Multiple unrestricted file upload vulnerabilities in (1) back/upload_img.php and (2) admin/upload_img.php in Walter Beschmout PhpQuiz 1.2 and earlier allow remote attackers to upload arbitrary PHP code to the phpquiz/img_quiz folder via the (a) upload, (b) ok_update, (c) image, and (d) path parameters, possibly requiring directory traversal sequences in the path parameter.
Max CVSS
5.0
EPSS Score
2.68%
Published
2006-09-25
Updated
2018-10-17
3 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close