CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 3CVE-2010-3608 – wpQuiz 2.7 - Authentication Bypass
https://notcve.org/view.php?id=CVE-2010-3608
24 Sep 2010 — Multiple SQL injection vulnerabilities in wpQuiz 2.7 allow remote attackers to execute arbitrary SQL commands via the (1) id and (2) password (pw) parameters to (a) admin.php or (b) user.php. Multiples vulnerabilidades de inyección SQL en wpQuiz v2.7 permite a atacantes remotos ejecutar comandos SQL de su elección a través de los parámetros (1) id y (2) password (pw) de (a) admin.php o (b) user.php. • https://www.exploit-db.com/exploits/15075 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 2CVE-2007-6172 – wpQuiz 2.7 - Multiple SQL Injections
https://notcve.org/view.php?id=CVE-2007-6172
30 Nov 2007 — Multiple SQL injection vulnerabilities in wpQuiz 2.7 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) viewimage.php and (2) comments.php. Múltiples vulnerabilidades de inyección SQL en wpQuiz 2.7 permite a atacantes remotos ejecutar comandos SQL de su elección a través del parámetro id de (1) viewimage.php y (2) comments.php. • https://www.exploit-db.com/exploits/4668 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 8EXPL: 0CVE-2004-1704
https://notcve.org/view.php?id=CVE-2004-1704
30 Jul 2004 — WpQuiz 2.60b1 through 2.60b8 allows remote attackers to gain privileges via a direct request to adminrestore.php in the extras directory. • http://marc.info/?l=bugtraq&m=109122270013514&w=2 •