Online Quiz Maker 1.0 SQL Injection via catid Parameter

Online Quiz Maker 1.0 contains SQL injection vulnerabilities in the catid and usern parameters that allow authenticated attackers to execute arbitrary SQL commands. Attackers can submit malicious POST requests to quiz-system.php or add-category.php with crafted SQL payloads in POST parameters to extract sensitive database information or bypass authentication.

Problem type

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Affected products

Hscripts

Online Quiz Maker

1.0 - AFFECTED

References

ExploitDB-45323

https://www.exploit-db.com/exploits/45323

exploit

Official Product Homepage

https://www.hscripts.com/scripts/php/quiz-maker.php

product

Product Reference

https://www.hscripts.com/scripts/php/downloads/quiz-maker.zip

product

VulnCheck Advisory: Online Quiz Maker 1.0 SQL Injection via catid Parameter

https://www.vulncheck.com/advisories/online-quiz-maker-sql-injection-via-catid-parameter

third-party-advisory

GitHub Security Advisories

GHSA-6w6g-wxwv-2274

Online Quiz Maker 1.0 contains SQL injection vulnerabilities in the catid and usern parameters...

https://github.com/advisories/GHSA-6w6g-wxwv-2274

nvd.nist.gov

https://nvd.nist.gov/vuln/detail/CVE-2018-25207

exploit-db.com

https://www.exploit-db.com/exploits/45323

hscripts.com

https://www.hscripts.com/scripts/php/downloads/quiz-maker.zip

hscripts.com

https://www.hscripts.com/scripts/php/quiz-maker.php

vulncheck.com

https://www.vulncheck.com/advisories/online-quiz-maker-sql-injection-via-catid-parameter

github.com

https://github.com/advisories/GHSA-6w6g-wxwv-2274

JSON source

https://cveawg.mitre.org/api/cve/CVE-2018-25207

Click to expand

{
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "cveMetadata": {
    "cveId": "CVE-2018-25207",
    "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
    "assignerShortName": "VulnCheck",
    "dateUpdated": "2026-03-26T13:00:10.011Z",
    "dateReserved": "2026-03-26T11:33:48.528Z",
    "datePublished": "2026-03-26T11:39:53.997Z",
    "state": "PUBLISHED"
  },
  "containers": {
    "cna": {
      "providerMetadata": {
        "orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
        "shortName": "VulnCheck",
        "dateUpdated": "2026-03-26T11:39:53.997Z"
      },
      "datePublic": "2018-09-03T00:00:00.000Z",
      "title": "Online Quiz Maker 1.0 SQL Injection via catid Parameter",
      "descriptions": [
        {
          "lang": "en",
          "value": "Online Quiz Maker 1.0 contains SQL injection vulnerabilities in the catid and usern parameters that allow authenticated attackers to execute arbitrary SQL commands. Attackers can submit malicious POST requests to quiz-system.php or add-category.php with crafted SQL payloads in POST parameters to extract sensitive database information or bypass authentication."
        }
      ],
      "affected": [
        {
          "vendor": "Hscripts",
          "product": "Online Quiz Maker",
          "versions": [
            {
              "version": "1.0",
              "status": "affected"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "lang": "en",
              "description": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')",
              "cweId": "CWE-89",
              "type": "CWE"
            }
          ]
        }
      ],
      "references": [
        {
          "url": "https://www.exploit-db.com/exploits/45323",
          "name": "ExploitDB-45323",
          "tags": [
            "exploit"
          ]
        },
        {
          "url": "https://www.hscripts.com/scripts/php/quiz-maker.php",
          "name": "Official Product Homepage",
          "tags": [
            "product"
          ]
        },
        {
          "url": "https://www.hscripts.com/scripts/php/downloads/quiz-maker.zip",
          "name": "Product Reference",
          "tags": [
            "product"
          ]
        },
        {
          "url": "https://www.vulncheck.com/advisories/online-quiz-maker-sql-injection-via-catid-parameter",
          "name": "VulnCheck Advisory: Online Quiz Maker 1.0 SQL Injection via catid Parameter",
          "tags": [
            "third-party-advisory"
          ]
        }
      ],
      "metrics": [
        {
          "format": "CVSS"
        },
        {
          "format": "CVSS",
          "cvssV3_1": {
            "version": "3.1",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N",
            "attackVector": "NETWORK",
            "attackComplexity": "LOW",
            "privilegesRequired": "LOW",
            "userInteraction": "NONE",
            "scope": "UNCHANGED",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "LOW",
            "availabilityImpact": "NONE",
            "baseScore": 7.1,
            "baseSeverity": "HIGH"
          }
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Özkan Mustafa Akkuş (AkkuS)",
          "type": "finder"
        }
      ]
    },
    "adp": [
      {
        "providerMetadata": {
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP",
          "dateUpdated": "2026-03-26T13:00:10.011Z"
        },
        "title": "CISA ADP Vulnrichment",
        "metrics": [
          {}
        ]
      }
    ]
  }
}