Description
SQL injection vulnerability in takefreestart.php in PreProjects Pre Online Tests Generator Pro allows remote attackers to execute arbitrary SQL commands via the tid2 parameter.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Cru3l.b0y · textwebappsphp
https://www.exploit-db.com/exploits/15526
References (4)
Core 4
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/63246
Exploit x_refsource_misc
http://packetstormsecurity.org/files/view/95817/potgp-sql.txt
Exploit exploit
x_refsource_exploit-db
http://www.exploit-db.com/exploits/15526
Third Party Advisory third-party-advisory
x_refsource_sreason
http://securityreason.com/securityalert/8158
Scores
EPSS
0.0036
EPSS Percentile
58.3%
Details
CWE
CWE-89
Status
published
Products (1)
preprojects/pre_online_tests_generator
Published
Mar 23, 2011
Tracked Since
Feb 18, 2026