https://feed.craftedsignal.io/tags/cve-2018-25207/Trending threats, MITRE ATT&CK coverage, and detection metadata — refreshed continuously.Hugoenhello@craftedsignal.iohello@craftedsignal.ioThu, 26 Mar 2026 12:16:05 +0000https://feed.craftedsignal.io/briefs/2026-03-online-quiz-maker-sqli/Thu, 26 Mar 2026 12:16:05 +0000hello@craftedsignal.iohttps://feed.craftedsignal.io/briefs/2026-03-online-quiz-maker-sqli/Online Quiz Maker 1.0 is vulnerable to SQL injection via the catid and usern parameters, allowing authenticated attackers to execute arbitrary SQL commands by submitting malicious POST requests to quiz-system.php or add-category.php.Online Quiz Maker 1.0 is susceptible to SQL injection vulnerabilities, specifically identified as CVE-2018-25207. The vulnerability resides in the catid and usern parameters, which can be exploited by an authenticated attacker to inject arbitrary SQL commands. The attack vector involves crafting malicious POST requests to either quiz-system.php or add-category.php. Successful exploitation of this vulnerability can lead to unauthorized access to sensitive data stored in the database…

]]>highadvisorysql-injectioncve-2018-25207web-application