5 matches found
EUVD-2007-2425
Malware in sbrugna...
Directory traversal
shared/code/tcetmx.php in TCExam 4.0.011 and earlier allows remote attackers to create arbitrary PHP files in cache/ by placing file contents and directory traversal manipulations into a SessionUserLang cookie to public/code/index.php...
CVE-2007-2430
shared/code/tcetmx.php in TCExam 4.0.011 and earlier allows remote attackers to create arbitrary PHP files in cache/ by placing file contents and directory traversal manipulations into a SessionUserLang cookie to public/code/index.php...
CVE-2007-2430
shared/code/tcetmx.php in TCExam 4.0.011 and earlier allows remote attackers to create arbitrary PHP files in cache/ by placing file contents and directory traversal manipulations into a SessionUserLang cookie to public/code/index.php...
TCExam 4.0.011 - SessionUserLang Shell Injection
TCExam 4.0.011 - SessionUserLang Shell Injection resource = array; // set selecteed language $this-language = strtoupper$language; // set filename for cache $this-cachefile = $cachefile; if fileexists$this-cachefile // read data from cache requireonce$this-cachefile; $this-resource = $tmx; else i...