CVE-2012-4237
Multiple SQL injection vulnerabilities in TCExam before 11.3.008 allow remote authenticated users with level 5 or greater permissions to execute arbitrary SQL commands via the subjectmoduleid parameter to 1 tceeditanswer.php or 2 tceeditquestion.php...