Quiz And Survey Master
ExpressTech Systems
Developer
11.0.0
Latest version
40,000
Installations
No date
Last updated
Vulnerability history
0 present
50 patched
13 Mitigation rules
- Authenticated (Contributor+) SQL Injection via 'merged_question' Parameter vulnerability<= 10.3.56 days ago
- Broken Access Control vulnerability<= 10.3.405/02/2026
- Insecure Direct Object References (IDOR) vulnerability<= 10.3.401/02/2026
- Contributor+ SQLi vulnerability< 9.0.229/01/2026
- SQL Injection vulnerability<= 10.3.128/01/2026
- Broken Access Control vulnerability<= 10.3.308/01/2026
- Missing Authorization to Unpublished, Private And Password-Protected Quiz Information Disclosure And Image Response Uploads vulnerability<= 10.3.106/01/2026
- Missing Authorization to Authenticated (Subscriber+) Quiz Results Deletion vulnerability<= 10.3.105/01/2026
- Broken Access Control vulnerability<= 10.3.230/11/2025
- PHP Object Injection Vulnerability<= 10.2.503/09/2025
- Template Creation via CSRF vulnerability< 10.2.314/08/2025
- SQL Injection Vulnerability<= 10.2.414/08/2025
- Author+ Stored XSS vulnerability< 9.2.125/03/2025
- Author+ Stored XSS vulnerability< 9.1.323/09/2024
- Contributor+ Stored XSS vulnerability< 9.1.126/08/2024
- Contributor+ Stored XSS vulnerability< 9.1.005/08/2024
- Contributor+ Stored XSS vulnerability< 9.0.511/07/2024
- Contributor+ Stored XSS vulnerability< 9.0.201/07/2024
- Authenticated (Contributor+) SQL Injection vulnerability<= 9.0.107/06/2024
- Cross Site Scripting (XSS) vulnerability<= 8.2.213/03/2024
- Cross Site Request Forgery (CSRF) vulnerability<= 8.1.1827/12/2023
- Broken Access Control vulnerability<= 8.1.1627/12/2023
- Cross Site Scripting (XSS) vulnerability<= 8.1.1316/11/2023
- Cross-Site Request Forgery via 'display_results' vulnerability<= 8.1.1513/09/2023
- Contributor+ Stored XSS vulnerability< 8.1.1127/07/2023
- Broken Access Control vulnerability<= 8.1.1017/07/2023
- Unauthenticated SQL Injection vulnerability<= 8.1.416/04/2023
- Cross Site Request Forgery (CSRF) vulnerability<= 8.0.1028/02/2023
- Unauthenticated Arbitrary Media Deletion vulnerability<= 8.0.817/02/2023
- Cross Site Request Forgery (CSRF)<= 8.0.712/02/2023
- Unauth. iFrame Injection vulnerability via Paragraph and Short Answer<= 8.0.429/11/2022
- Improper Input Validation vulnerability<= 8.0.429/11/2022
- Bypass vulnerability<= 7.3.1021/10/2022
- Sensitive Information Disclosure vulnerability<= 7.3.1021/10/2022
- Cross-Site Scripting (XSS) vulnerability<= 7.3.1021/10/2022
- Multiple Insecure direct object references (IDOR) vulnerabilities<= 7.3.621/10/2022
- Multiple Auth. Stored Cross-Site Scripting (XSS) vulnerabilities<= 7.3.421/10/2022
- Auth. SQL Injection (SQLi) vulnerability<= 7.3.421/10/2022
- Auth. Reflected Cross-Site Scripting (XSS) vulnerability<= 7.3.421/10/2022
- Auth. Stored Cross-Site Scripting (XSS) vulnerability<= 7.3.421/10/2022
- Insecure direct object references (IDOR) vulnerability<= 7.3.429/09/2022
- Stored Cross-Site Scripting (XSS) vulnerability<= 7.3.113/09/2021
- Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability<= 7.1.1803/06/2021
- Reflected Cross-Site Scripting (XSS) vulnerability<= 7.1.1731/05/2021
- Authenticated SQL injection (SQLi) vulnerability<= 7.1.1326/03/2021
- Unauthenticated Arbitrary File Upload vulnerability<= 7.0.129/08/2020
- Authenticated Reflected Cross-Site Scripting (XSS) vulnerability<= 6.3.415/12/2019
- Authenticated Cross-Site Scripting (XSS) vulnerability<= 6.2.112/03/2019
- Multiple Vulnerabilities<= 4.7.815/12/2016
- Blind SQL Injection<= 4.4.216/07/2015