CVE-2010-3608

CVE-2010-3608

EPSS 1.0%

Multiple SQL injection vulnerabilities in wpQuiz 2.7 allow remote attackers to execute arbitrary SQL commands via the (1) id and (2) password (pw) parameters to (a) admin.php or (b) user.php.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://packetstormsecurity.org/1009-exploits/wpquiz27-sql.txt http://www.exploit-db.com/exploits/15075 http://www.securityfocus.com/bid/43384