3 matches found
CVE-2006-4979
The CVE-2006-4979 entry concerns a Direct static code injection vulnerability in cfgphpquiz/install.php for Walter Beschmout PhpQuiz 1.2 and earlier. The underlying flaw lets remote attackers inject arbitrary PHP code into config.inc.php by submitting modified configuration settings, enabling pot...
CVE-2006-4978
CVE-2006-4978 affects Walter Beschmout PhpQuiz 1.2 and earlier, with multiple SQL injection vulnerabilities. The weaknesses allow remote attackers to inject SQL via the univers parameter in score.php or the quiz_id parameter in home.php, accessed through the front/ URI. Documented impact is arbit...
CVE-2006-4977
The vulnerability described in CVE-2006-4977 affects Walter Beschmout PhpQuiz 1.2 and earlier, specifically in back/upload_img.php and admin/upload_img.php. It is an unrestricted file upload flaw that lets remote attackers upload arbitrary PHP code to the phpquiz/img_quiz folder by abusing the (a...