CVEブラウザに戻る

CVE-2010-3608

HIGH

7.5

CVSS Severity Score

EPSS Score0.1560%

EPSS Percentile32.96th

Published2010年9月24日

Last Modified2026年4月29日

Vulnerability Description

Multiple SQL injection vulnerabilities in wpQuiz 2.7 allow remote attackers to execute arbitrary SQL commands via the (1) id and (2) password (pw) parameters to (a) admin.php or (b) user.php.

Affected Platforms (CPE)

📦

Wire Plastic Design

Wpquiz

= 2.7

References & Advisories

🔗 http://packetstormsecurity.org/1009-exploits/wpquiz27-sql.txt

🔗 http://www.exploit-db.com/exploits/15075

🔗 http://www.securityfocus.com/bid/43384

🔗 http://packetstormsecurity.org/1009-exploits/wpquiz27-sql.txt

🔗 http://www.exploit-db.com/exploits/15075

🔗 http://www.securityfocus.com/bid/43384

関連する脆弱性情報

CVE-2007-617210.0

Multiple SQL injection vulnerabilities in wpQuiz 2.7 allow remote attackers to execute arbitrary SQL commands via the id parameter...

CVE-2004-17047.5

WpQuiz 2.60b1 through 2.60b8 allows remote attackers to gain privileges via a direct request to adminrestore.php in the extras dir...

CVE-2010-027410.0

Unspecified vulnerability in the Edit Contact scene in Ultra-light Mode in IBM Lotus iNotes (aka Domino Web Access or DWA) before ...

CVE-2010-044510.0

Unspecified vulnerability in HP Network Node Manager (NNM) 8.10, 8.11, 8.12, and 8.13 allows remote attackers to execute arbitrary...