2 matches found
Sql injection
SQL injection vulnerability in eWebQuiz.asp in ActiveWebSoftwares.com eWebquiz 8 allows remote attackers to execute arbitrary SQL commands via the QuizType parameter, a different vector than CVE-2007-1706...
CVE-2007-1706
The CVE-2007-1706 entry describes a SQL injection in eWebQuiz.asp of eWebQuiz 8, allowing remote attackers to execute arbitrary SQL via the QuizID parameter. The vulnerability is caused by inadequate input handling in eWebQuiz.asp, enabling manipulation of the backend database. According to the l...