Vulnerabilities > Tecnick > Tcexam > 11.1.015

DATE CVE VULNERABILITY TITLE RISK
2024-01-11 CVE-2023-6554 Missing Authorization vulnerability in Tecnick Tcexam
When access to the "admin" folder is not protected by some external authorization mechanisms e.g.
network
low complexity
tecnick CWE-862
6.5
2021-08-05 CVE-2021-20115 Cross-site Scripting vulnerability in Tecnick Tcexam
A reflected cross-site scripting vulnerability exists in TCExam <= 14.8.3.
network
tecnick CWE-79
4.3
2021-08-05 CVE-2021-20116 Cross-site Scripting vulnerability in Tecnick Tcexam
A reflected cross-site scripting vulnerability exists in TCExam <= 14.8.4.
network
tecnick CWE-79
4.3
2021-07-30 CVE-2021-20111 Cross-site Scripting vulnerability in Tecnick Tcexam
A stored cross-site scripting vulnerability exists in TCExam <= 14.8.1.
network
tecnick CWE-79
3.5
2021-07-30 CVE-2021-20112 Cross-site Scripting vulnerability in Tecnick Tcexam
A stored cross-site scripting vulnerability exists in TCExam <= 14.8.1.
network
tecnick CWE-79
3.5
2021-07-30 CVE-2021-20113 Information Exposure Through Discrepancy vulnerability in Tecnick Tcexam
An exposure of sensitive information vulnerability exists in TCExam <= 14.8.1.
network
low complexity
tecnick CWE-203
5.0
2021-07-30 CVE-2021-20114 Forced Browsing vulnerability in Tecnick Tcexam
When installed following the default/recommended settings, TCExam <= 14.8.1 allowed unauthenticated users to access the /cache/backup/ directory, which included sensitive database backup files.
network
low complexity
tecnick CWE-425
5.0
2018-07-07 CVE-2018-13422 Cross-site Scripting vulnerability in Tecnick Tcexam
TCExam before 14.1.2 has XSS via an ff_ or xl_ field.
network
tecnick CWE-79
4.3
2011-09-24 CVE-2011-3806 Information Exposure vulnerability in Tecnick Tcexam 11.1.015
TCExam 11.1.015 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by public/code/tce_page_footer.php and certain other files.
network
low complexity
tecnick CWE-200
5.0