CVE-2010-4776 Information

Description

SQL injection vulnerability in takefreestart.php in PreProjects Pre Online Tests Generator Pro allows remote attackers to execute arbitrary SQL commands via the tid2 parameter.

Reference

http://packetstormsecurity.org/files/view/95817/potgp-sql.txt http://securityreason.com/securityalert/8158 http://www.exploit-db.com/exploits/15526 https://exchange.xforce.ibmcloud.com/vulnerabilities/63246