CVE-2007-2430

2007-05-01T20:19:00
ID CVE-2007-2430
Type cve
Reporter NVD
Modified 2017-10-10T21:32:12

Description

shared/code/tce_tmx.php in TCExam 4.0.011 and earlier allows remote attackers to create arbitrary PHP files in cache/ by placing file contents and directory traversal manipulations into a SessionUserLang cookie to public/code/index.php.