RSS   Vulnerabilities for 'Active ewebquiz'   RSS

2008-12-17
 
CVE-2008-5631

CWE-89
 

 
SQL injection vulnerability in start.asp in Active eWebquiz 8.0 allows remote attackers to execute arbitrary SQL commands via the (1) useremail parameter (aka username field) or the (2) password parameter. NOTE: some of these details are obtained from third party information.

 

 >>> Vendor: Activewebsoftwares 18 Products
Activevotes
Active trade
Active ewebquiz
Active time billing
Active force matrix
Active membership
Active price comparison
Active bids
Active photo gallery
Active test
Active business directory
Active web mail
Active newsletter
Active web helpdesk
Quick tree view .net
Aspreferral
Ewebquiz
Active auction house


Copyright 2017, cxsecurity.com