CVE-2007-2430
CVE-2007-2430 affects TCExam 4.0.011 and earlier. The vulnerability is in shared/code/tce_tmx.php, where an attacker can create arbitrary PHP files in cache/ by placing crafted content and directory-traversal data into a SessionUserLang cookie that is processed by public/code/index.php. This indi...