Vulnerabilities > Tecnick

DATE	CVE	VULNERABILITY TITLE	RISK
2020-05-07	CVE-2020-5748	Cross-site Scripting vulnerability in Tecnick Tcexam 14.2.2 Insufficient output sanitization in TCExam 14.2.2 allows a remote, unauthenticated attacker to conduct persistent cross-site scripting (XSS) attacks via the self-registration feature. network tecnick CWE-79	4.3
2020-05-07	CVE-2020-5747	Cross-site Scripting vulnerability in Tecnick Tcexam 14.2.2 Insufficient output sanitization in TCExam 14.2.2 allows a remote, authenticated attacker to conduct persistent cross-site scripting (XSS) attacks by creating a crafted test. network tecnick CWE-79	3.5
2020-05-07	CVE-2020-5746	Cross-site Scripting vulnerability in Tecnick Tcexam 14.2.2 Insufficient output sanitization in TCExam 14.2.2 allows a remote, authenticated attacker to conduct persistent cross-site scripting (XSS) attacks by creating a crafted test. network tecnick CWE-79	3.5
2020-05-07	CVE-2020-5745	Cross-site Scripting vulnerability in Tecnick Tcexam 14.2.2 Cross-site request forgery in TCExam 14.2.2 allows a remote attacker to perform sensitive application actions by tricking legitimate users into clicking a crafted link. network tecnick CWE-79	4.3
2020-05-07	CVE-2020-5744	Path Traversal vulnerability in Tecnick Tcexam 14.2.2 Relative Path Traversal in TCExam 14.2.2 allows a remote, authenticated attacker to read the contents of arbitrary files on disk. network low complexity tecnick CWE-22	4.0
2020-05-07	CVE-2020-5743	Information Exposure vulnerability in Tecnick Tcexam 14.2.2 Improper Control of Resource Identifiers in TCExam 14.2.2 allows a remote, authenticated attacker to access test metadata for which they don't have permission. network low complexity tecnick CWE-200	4.0
2018-09-14	CVE-2018-17057	Deserialization of Untrusted Data vulnerability in multiple products An issue was discovered in TCPDF before 6.2.22. network low complexity tecnick limesurvey CWE-502	7.5
2018-07-07	CVE-2018-13422	Cross-site Scripting vulnerability in Tecnick Tcexam TCExam before 14.1.2 has XSS via an ff_ or xl_ field. network tecnick CWE-79	4.3
2011-09-24	CVE-2011-3806	Information Exposure vulnerability in Tecnick Tcexam 11.1.015 TCExam 11.1.015 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by public/code/tce_page_footer.php and certain other files. network low complexity tecnick CWE-200	5.0
2010-06-03	CVE-2010-2153	Unspecified vulnerability in Tecnick Tcexam 10.1.006/10.1.007 Unrestricted file upload vulnerability in admin/code/tce_functions_tcecode_editor.php in TCExam 10.1.006 and 10.1.007 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in cache/. network tecnick	6.8

Vulnerabilities > Tecnick {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Tecnick"}]}

Vulnerabilities > Tecnick