33 matches found
EUVD-2026-12213
A security flaw has been discovered in Tecnick TCExam up to 16.6.0. Affected is the function Fxmlexportusers of the file admin/code/tcexmlusers.php of the component XML Export. Performing a manipulation results in cross site scripting. Remote exploitation of the attack is possible. There are stil...
EUVD-2026-12212
A vulnerability was identified in Tecnick TCExam 16.5.0. This impacts an unknown function of the file /admin/code/tceeditgroup.php of the component Group Handler. Such manipulation of the argument Name leads to cross site scripting. The attack may be launched remotely. The exploit is publicly...
CVE-2026-4169
A security flaw has been discovered in Tecnick TCExam up to 16.6.0. Affected is the function Fxmlexportusers of the file admin/code/tcexmlusers.php of the component XML Export. Performing a manipulation results in cross site scripting. Remote exploitation of the attack is possible. There are stil...
CVE-2026-4169
A security flaw has been discovered in Tecnick TCExam up to 16.6.0. Affected is the function Fxmlexportusers of the file admin/code/tcexmlusers.php of the component XML Export. Performing a manipulation results in cross site scripting. Remote exploitation of the attack is possible. There are stil...
Tecnick TCExam 代码注入漏洞
Tecnick TCExam is a web-based open-source electronic examination system developed by the British company Tecnick. This system is primarily used for online examinations. Version 16.5.0 of Tecnick TCExam contains a code injection vulnerability. This vulnerability stems from incorrect handling of a...
Tecnick TCExam 代码注入漏洞
Tecnick TCExam is a web-based open-source electronic examination system developed by the British company Tecnick. This system is primarily used for online examinations. Versions of Tecnick TCExam prior to 16.6.0 contained a code injection vulnerability. This vulnerability stemmed from improper...
CVE-2026-4168 Tecnick TCExam Group tce_edit_group.php cross site scripting
A vulnerability was identified in Tecnick TCExam 16.5.0. This impacts an unknown function of the file /admin/code/tceeditgroup.php of the component Group Handler. Such manipulation of the argument Name leads to cross site scripting. The attack may be launched remotely. The exploit is publicly...
EUVD-2024-42350
Malicious code in bioql PyPI...
EUVD-2024-42347
Malicious code in bioql PyPI...
CVE-2025-23176
CVE-2025-23176 corresponds to an SQL Injection weakness (CWE-89) affecting Tecnick TCExam. Multiple connected sources (CNNVD, CVE list, Red Hat entry) confirm the root cause as improper neutralization of special elements in SQL commands. CNNVD specifies the vulnerable product as Tecnick TCExam in...
CVE-2025-23175
CVE-2025-23175 relates to a multiple XSS (CWE-79) exposure associated with Tecnick TCExam. Connected sources indicate the vulnerable software is Tecnick TCExam, including version 16.3.2 per CNNVD, with reports in PT-Security citing the Tecnick/Tcexam name. The documents do not provide concrete ex...
CVE-2025-23175 Tecnick - Multiple XSS (CWE-79)
Multiple XSS CWE-79...
Tecnick TCExam SQL注入漏洞
Tecnick TCExam is a web-based open source e-exam system from Tecnick UK. The system is mainly used for online exams and so on. A SQL injection vulnerability exists in Tecnick TCExam version 16.3.2, which stems from improper neutralization of special elements in SQL commands, and could lead to SQL...
Tecnick TCExam 跨站脚本漏洞
Tecnick TCExam is a Web-based open source e-exam system from the UK company Tecnick. The system is mainly used for online exams, etc. A cross-site scripting vulnerability exists in Tecnick TCExam version 16.3.2, which stems from vulnerability to multiple cross-site scripting attacks...
PT-2025-17538 · Tecnick · Tcexam
Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: The issue involves Multiple XSS CWE-79, which is a type of security vulnerability that allows an attacker to inject malicious scripts into a website, potentially leading to unauthorized acce...
CVE-2024-47925
Tecnick TCExam – Multiple CWE-79: Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting'...
CVE-2024-47926
Tecnick TCExam – CWE-89: Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection'...
CVE-2024-47926 Tecnick TCExam – CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Tecnick TCExam – CWE-89: Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection'...
CVE-2024-47926
Tecnick TCExam is affected by a SQL Injection (CWE-89) due to improper neutralization of special elements in SQL commands. The CVE-2024-47926 entry indicates a high-impact vulnerability with CVSS v3.1 base score 9.8 (Network attack vector, low complexity, no privileges required, user interaction ...
CVE-2024-47926 Tecnick TCExam – CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Tecnick TCExam – CWE-89: Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection'...