Onionbuzz · Viral Quiz Maker - Onionbuzz Plugin · CVE-2019-14231
**Name of the Vulnerable Software and Affected Versions**
Viral Quiz Maker - OnionBuzz plugin versions prior to 1.2.2
**Description**
An issue in the Viral Quiz Maker - OnionBuzz plugin allows an unauthenticated user to perform a SQL injection attack. This is due to the lack of sanitization of the `points` parameter in the `ob get results` AJAX handler, which is used in the `getResultByPointsTrivia` function. This enables remote code execution and information disclosure.
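The pattern the advisory describes, shown as an added illustration rather than the OnionBuzz plugin's own code: a request parameter interpolated straight into a query, next to the hardened form that validates the type and binds the value with `$wpdb->prepare()`. The hook name `ob_get_results`, the table name and the function names below are assumptions standing in for whatever the plugin actually uses.

```php
<?php
// Added example, not the OnionBuzz plugin's code. Hook, table and function
// names are assumptions; the only facts taken from the advisory are that the
// handler reads a `points` parameter and uses it in a SQL query.

// Vulnerable pattern: the untrusted value becomes part of the SQL text.
function onionbuzz_results_vulnerable() {
    global $wpdb;
    $points = $_REQUEST['points'];                    // unvalidated request input
    $sql    = "SELECT * FROM {$wpdb->prefix}onionbuzz_results WHERE points <= $points";
    $row    = $wpdb->get_row( $sql );                 // request controls the query
    wp_send_json( $row );
}

// Hardened pattern: reject anything non-numeric, collapse to an integer,
// and let $wpdb->prepare() bind it as a %d placeholder.
function onionbuzz_results_hardened() {
    global $wpdb;
    if ( ! isset( $_REQUEST['points'] ) || ! is_numeric( $_REQUEST['points'] ) ) {
        wp_send_json_error( 'points must be numeric', 400 ); // calls wp_die()
    }
    $points = (int) $_REQUEST['points'];
    $sql    = $wpdb->prepare(
        "SELECT * FROM {$wpdb->prefix}onionbuzz_results WHERE points <= %d",
        $points
    );
    $row = $wpdb->get_row( $sql );
    wp_send_json( $row );
}

// Same callback on both the logged-in and the unauthenticated AJAX hooks.
add_action( 'wp_ajax_ob_get_results',        'onionbuzz_results_hardened' );
add_action( 'wp_ajax_nopriv_ob_get_results', 'onionbuzz_results_hardened' );
```

The `(int)` cast alone would already neutralise the injection for this parameter; `prepare()` is kept as well so the query stays safe if the placeholder is later changed to a string type or another parameter is added.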
**Recommendations**
For versions prior to 1.2.2, update to version 1.2.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the `ob get results` AJAX handler to minimize the risk of exploitation. Avoid using the `points` parameter in the affected AJAX endpoint until the issue is resolved.
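One way to apply the interim workaround on a site that cannot update immediately, as an added example and not code from the plugin or its vendor: a must-use plugin that hooks the affected AJAX action at a lower priority than the plugin's own callback, turns away unauthenticated callers, and rejects any `points` value that is not a plain non-negative integer. It assumes the action is registered as `ob_get_results` on the default priority of 10; confirm the name against the plugin's `add_action()` calls before deploying.

```php
<?php
/**
 * Plugin Name: OnionBuzz interim guard (added example, not the plugin's code)
 * Place in wp-content/mu-plugins/ so it is loaded unconditionally.
 *
 * Assumptions: the vulnerable handler is registered on the
 * "ob_get_results" AJAX action at the default priority (10).
 */

function onionbuzz_guard_points() {
    // Workaround 1 from the advisory: restrict access to the handler.
    // wp_send_json_error() ends the request, so the plugin's callback
    // (registered at a later priority) never runs.
    if ( ! is_user_logged_in() ) {
        wp_send_json_error( 'results endpoint disabled for anonymous users', 403 );
    }

    // Workaround 2: only a plain non-negative integer reaches the plugin.
    if ( isset( $_REQUEST['points'] ) && ! ctype_digit( (string) $_REQUEST['points'] ) ) {
        wp_send_json_error( 'invalid points value', 400 );
    }
}

// Priority 1 runs before the plugin's own callback on both hooks.
add_action( 'wp_ajax_nopriv_ob_get_results', 'onionbuzz_guard_points', 1 );
add_action( 'wp_ajax_ob_get_results',        'onionbuzz_guard_points', 1 );
```

Remove the mu-plugin once version 1.2.2 or later is installed; the fixed version is the real remedy and this guard only narrows exposure in the meantime.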