Lucene search
+L

250 matches found

exploitpack
exploitpack
added 2011/02/02 12:0 a.m.16 views

TCExam 11.1.16 - user_password Cross-Site Scripting

TCExam 11.1.16 - userpassword Cross-Site Scripting source: https://www.securityfocus.com/bid/46096/info TCExam is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the...

6.8AI score
Exploits0
exploitdb
exploitdb
added 2011/02/02 12:0 a.m.15 views

TCExam 11.1.16 - 'user_password' Cross-Site Scripting

source: https://www.securityfocus.com/bid/46096/info TCExam is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of...

7AI score
Exploits0
packetstorm
packetstorm
added 2011/02/01 12:0 a.m.19 views

TCExam 11.1.016 Cross Site Scripting

------------------------------------------------------------------------ Software................TCExam 11.1.016 Vulnerability...........Reflected Cross-site Scripting Download................http://www.tcexam.org/ Release Date............1/31/2011 Tested On...............Windows 7 + XAMPP...

Exploits0
openvas
openvas
added 2010/06/11 12:0 a.m.23 views

TCExam 'tce_functions_tcecode_editor.php' File Upload Vulnerability

This host is running TCExam and is prone to file upload vulnerability. OpenVAS Vulnerability Test $Id: gbtcexamfileuploadvuln.nasl 5843 2017-04-03 13:42:51Z cfi $ TCExam 'tcefunctionstcecodeeditor.php' File Upload Vulnerability Authors: Madhuri D Copyright: Copyright c 2010 Greenbone Networks Gmb...

6.8CVSS0.2AI score0.07472EPSS
Exploits1References3
openvas
openvas
added 2010/06/11 12:0 a.m.29 views

Tecnick TCExam < 10.1.012 File Upload Vulnerability - Active Check

Tecnick TCExam is prone to a file upload vulnerability. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:tecnick:tcexam";...

6.8CVSS6.6AI score0.07472EPSS
Exploits1References1
openvas
openvas
added 2010/06/11 12:0 a.m.21 views

Tecnick TCExam Detection (HTTP)

HTTP based detection of Tecnick TCExam. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.800792";...

7.4AI score
Exploits0References1
nvd
nvd
added 2010/06/03 4:30 p.m.16 views

CVE-2010-2153

Unrestricted file upload vulnerability in admin/code/tcefunctionstcecodeeditor.php in TCExam 10.1.006 and 10.1.007 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in cache/...

6.8CVSS7.7AI score0.07472EPSS
Exploits1References6
prion
prion
added 2010/06/03 4:30 p.m.13 views

Unrestricted file upload

Unrestricted file upload vulnerability in admin/code/tcefunctionstcecodeeditor.php in TCExam 10.1.006 and 10.1.007 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in cache/...

6.8CVSS8.2AI score0.07472EPSS
Exploits1References6Affected Software1
cvelist
cvelist
added 2010/06/03 4:0 p.m.21 views

CVE-2010-2153

Unrestricted file upload vulnerability in admin/code/tcefunctionstcecodeeditor.php in TCExam 10.1.006 and 10.1.007 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in cache/...

7.7AI score0.07472EPSS
Exploits1References6
cve
cve
added 2010/06/03 4:0 p.m.44 views

CVE-2010-2153

Affected software: TCExam (versions 10.1.006 and 10.1.007). Vulnerable component: admin/code/tce_functions_tcecode_editor.php. Root cause / vulnerability type: Unrestricted file upload allowing an uploaded file with an executable extension to be stored and then accessed via a direct request to th...

6.8CVSS7.9AI score0.07472EPSS
Exploits1References6Affected Software1
packetstorm
packetstorm
added 2010/06/02 12:0 a.m.20 views

TCExam 10.1.006 Shell Upload

============================================================================================================ //\ /\ /\ /\ /\ /\ ///\ //\ /\ /\///\ // \ // //\ \ / //\ \ / // //\ \ /\\ \ \ \ / / / / // \ \ // // // // \ // //\ \\ \ // /// \ \ / \ / // / // / / / / / \ \ / / / ...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2010/06/02 12:0 a.m.8 views

TCExam 10.1.7 - admincodetce_functions_tcecode_editor.php Arbitrary File Upload

TCExam 10.1.7 - admincodetcefunctionstcecodeeditor.php Arbitrary File Upload source: https://www.securityfocus.com/bid/40511/info TCExam is prone to a vulnerability that lets attackers upload arbitrary files. The issue occurs because the application fails to adequately sanitize user-supplied inpu...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2010/06/02 12:0 a.m.17 views

TCExam 10.1.7 - &#039;/admin/code/tce_functions_tcecode_editor.php&#039; Arbitrary File Upload

source: https://www.securityfocus.com/bid/40511/info TCExam is prone to a vulnerability that lets attackers upload arbitrary files. The issue occurs because the application fails to adequately sanitize user-supplied input. An attacker can exploit this vulnerability to upload arbitrary code and ru...

7AI score
Exploits0
prion
prion
added 2007/12/10 6:46 p.m.18 views

Sql injection

Multiple SQL injection vulnerabilities in TCExam before 5.1.000 allow remote attackers to execute arbitrary SQL commands via unspecified vectors...

7.5CVSS9.2AI score0.01063EPSS
Exploits0References4Affected Software1
nvd
nvd
added 2007/12/10 6:46 p.m.14 views

CVE-2007-6288

Multiple SQL injection vulnerabilities in TCExam before 5.1.000 allow remote attackers to execute arbitrary SQL commands via unspecified vectors...

7.5CVSS8.5AI score0.01063EPSS
Exploits0References4
cvelist
cvelist
added 2007/12/10 6:0 p.m.17 views

CVE-2007-6288

Multiple SQL injection vulnerabilities in TCExam before 5.1.000 allow remote attackers to execute arbitrary SQL commands via unspecified vectors...

8.5AI score0.01063EPSS
Exploits0References4
cve
cve
added 2007/12/10 6:0 p.m.45 views

CVE-2007-6288

CVE-2007-6288 affects TCExam prior to 5.1.000 and involves multiple SQL injection vulnerabilities. The underlying issue is injection in SQL queries, allowing remote attackers to run arbitrary SQL via unspecified vectors. Reported impact per the entry indicates partial confidentiality, integrity, ...

7.5CVSS8.6AI score0.01063EPSS
Exploits0References4Affected Software1
packetstorm
packetstorm
added 2007/05/03 12:0 a.m.19 views

tcexam-inject.txt

resource = array; // set selecteed language $this-language = strtoupper$language; // set filename for cache $this-cachefile = $cachefile; if fileexists$this-cachefile // read data from cache requireonce$this-cachefile; $this-resource = $tmx; else if !empty$this-cachefile // open cache file...

7.4AI score
Exploits0
nvd
nvd
added 2007/05/02 12:19 a.m.15 views

CVE-2007-2431

Dynamic variable evaluation vulnerability in shared/config/tceconfig.php in TCExam 4.0.011 and earlier allows remote attackers to conduct cross-site scripting XSS and possibly other attacks by modifying critical variables such as $SERVER, as demonstrated by injecting web script via the...

6.8CVSS5.9AI score0.05102EPSS
Exploits0References6
nvd
nvd
added 2007/05/02 12:19 a.m.19 views

CVE-2007-2430

shared/code/tcetmx.php in TCExam 4.0.011 and earlier allows remote attackers to create arbitrary PHP files in cache/ by placing file contents and directory traversal manipulations into a SessionUserLang cookie to public/code/index.php...

7.8CVSS6.9AI score0.03702EPSS
Exploits0References7
Rows per page
Query Builder