CVE-2015-10111SQL Injection in Watu Quiz

CWE-89SQL Injection3 documents3 sources
Severity
9.8CRITICALNVD
CNA6.3
EPSS
0.1%
top 67.51%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Kibokolabs Watu Quiz
Timeline
PublishedJun 4

Description

A vulnerability was found in Watu Quiz Plugin up to 2.6.7 on WordPress. It has been rated as critical. This issue affects the function watu_exams of the file controllers/exam.php of the component Exam Handler. The manipulation of the argument quiz leads to sql injection. The attack may be initiated remotely. Upgrading to version 2.6.8 is able to address this issue. The patch is named bf42e7cfd819a3e76cf3e1465697e89f4830590c. It is recommended to upgrade the affected component. The associated ide

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages1 packages

Patches

Patch: github.comPatch: github.com

🔴Vulnerability Details

2
CVEList
Watu Quiz Plugin Exam exam.php watu_exams sql injection2023-06-04
GHSA
GHSA-5fj5-hp4f-cw5m: A vulnerability was found in Watu Quiz Plugin up to 22023-06-04
CVE-2015-10111 — SQL Injection in Kibokolabs Watu Quiz | cvebase