PHPQuiz score.php univers Variable SQL Injection

2006-09-16T13:48:57
ID OSVDB:28960
Type osvdb
Reporter OSVDB
Modified 2006-09-16T13:48:57

Description

Manual Testing Notes

http://[target]/phpquiz/front/?what=score&univers=[SQL]

References:

Vendor URL: http://www.phpquiz.com/ Secunia Advisory ID:22015 Related OSVDB ID: 28962 Related OSVDB ID: 28963 Related OSVDB ID: 28961 Other Advisory URL: http://www.morx.org/phpquiz.txt Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2006-09/0289.html FrSIRT Advisory: ADV-2006-3693 CVE-2006-4978