Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
tecnick tcexam 14.2.2 vulnerabilities and exploits
(subscribe to this query)
4
CVSSv2
CVE-2020-5743
Improper Control of Resource Identifiers in TCExam 14.2.2 allows a remote, authenticated malicious user to access test metadata for which they don't have permission.
Tecnick Tcexam 14.2.2
4
CVSSv2
CVE-2020-5744
Relative Path Traversal in TCExam 14.2.2 allows a remote, authenticated malicious user to read the contents of arbitrary files on disk.
Tecnick Tcexam 14.2.2
4.3
CVSSv2
CVE-2020-5745
Cross-site request forgery in TCExam 14.2.2 allows a remote malicious user to perform sensitive application actions by tricking legitimate users into clicking a crafted link.
Tecnick Tcexam 14.2.2
3.5
CVSSv2
CVE-2020-5746
Insufficient output sanitization in TCExam 14.2.2 allows a remote, authenticated malicious user to conduct persistent cross-site scripting (XSS) attacks by creating a crafted test.
Tecnick Tcexam 14.2.2
3.5
CVSSv2
CVE-2020-5747
Insufficient output sanitization in TCExam 14.2.2 allows a remote, authenticated malicious user to conduct persistent cross-site scripting (XSS) attacks by creating a crafted test.
Tecnick Tcexam 14.2.2
4.3
CVSSv2
CVE-2020-5748
Insufficient output sanitization in TCExam 14.2.2 allows a remote, unauthenticated malicious user to conduct persistent cross-site scripting (XSS) attacks via the self-registration feature.
Tecnick Tcexam 14.2.2
3.5
CVSSv2
CVE-2020-5749
Insufficient output sanitization in TCExam 14.2.2 allows a remote, authenticated malicious user to conduct persistent cross-site scripting (XSS) attacks by creating a crafted group.
Tecnick Tcexam 14.2.2
4.3
CVSSv2
CVE-2020-5750
Insufficient output sanitization in TCExam 14.2.2 allows a remote, unauthenticated malicious user to conduct persistent cross-site scripting (XSS) attacks via the self-registration feature.
Tecnick Tcexam 14.2.2
3.5
CVSSv2
CVE-2020-5751
Insufficient output sanitization in TCExam 14.2.2 allows a remote, authenticated malicious user to conduct persistent cross-site scripting (XSS) attacks by creating a crafted operator.
Tecnick Tcexam 14.2.2
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started