CVE-2015-10111

Name of the Vulnerable Software and Affected Versions Watu Quiz Plugin versions up to 2.6.7

Description A critical issue affects the watu exams function of the controllers/exam.php file in the Exam Handler component. The manipulation of the quiz argument leads to SQL injection. The attack can be initiated remotely.

Recommendations For Watu Quiz Plugin versions up to 2.6.7, upgrade to version 2.6.8 to address this issue. As a temporary workaround, consider restricting access to the watu exams function in the controllers/exam.php file until the patch is applied. Avoid using the quiz argument in the affected component until the issue is resolved.