Vulnerabilities > Tecnick > Tcexam > 14.5.0

DATE CVE VULNERABILITY TITLE RISK
2024-01-11 CVE-2023-6554 Missing Authorization vulnerability in Tecnick Tcexam
When access to the "admin" folder is not protected by some external authorization mechanisms e.g.
network
low complexity
tecnick CWE-862
6.5
6.5
2021-08-05 CVE-2021-20115 Cross-site Scripting vulnerability in Tecnick Tcexam
A reflected cross-site scripting vulnerability exists in TCExam <= 14.8.3.
network
tecnick CWE-79
4.3
4.3
2021-08-05 CVE-2021-20116 Cross-site Scripting vulnerability in Tecnick Tcexam
A reflected cross-site scripting vulnerability exists in TCExam <= 14.8.4.
network
tecnick CWE-79
4.3
4.3
2021-07-30 CVE-2021-20114 Forced Browsing vulnerability in Tecnick Tcexam
When installed following the default/recommended settings, TCExam <= 14.8.1 allowed unauthenticated users to access the /cache/backup/ directory, which included sensitive database backup files.
network
low complexity
tecnick CWE-425
5.0
5.0