cpe:/a:activewebsoftwares:ewebquiz:8.0 CVE-2009-4436 2009-12-28T14:00:00.953-05:00 2017-08-16T21:31:35.367-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2009-12-29T08:29:00.000-05:00 ALLOWS_OTHER_ACCESS EXPLOIT-DB 10529 SECUNIA 24653 BID 37402 XF ewebquiz-quizid-sql-injection(54892) Multiple SQL injection vulnerabilities in Active Web Softwares eWebquiz 8 allow remote attackers to execute arbitrary SQL commands via the QuizID parameter to (1) questions.asp, (2) importquestions.asp, and (3) quiztakers.asp, different vectors than CVE-2007-1706.