Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
tecnick tcexam 14.2.2 vulnerabilities and exploits
(subscribe to this query)
356
VMScore
CVE-2020-5743
Improper Control of Resource Identifiers in TCExam 14.2.2 allows a remote, authenticated malicious user to access test metadata for which they don't have permission.
Tecnick Tcexam 14.2.2
356
VMScore
CVE-2020-5744
Relative Path Traversal in TCExam 14.2.2 allows a remote, authenticated malicious user to read the contents of arbitrary files on disk.
Tecnick Tcexam 14.2.2
383
VMScore
CVE-2020-5745
Cross-site request forgery in TCExam 14.2.2 allows a remote malicious user to perform sensitive application actions by tricking legitimate users into clicking a crafted link.
Tecnick Tcexam 14.2.2
312
VMScore
CVE-2020-5746
Insufficient output sanitization in TCExam 14.2.2 allows a remote, authenticated malicious user to conduct persistent cross-site scripting (XSS) attacks by creating a crafted test.
Tecnick Tcexam 14.2.2
312
VMScore
CVE-2020-5747
Insufficient output sanitization in TCExam 14.2.2 allows a remote, authenticated malicious user to conduct persistent cross-site scripting (XSS) attacks by creating a crafted test.
Tecnick Tcexam 14.2.2
383
VMScore
CVE-2020-5748
Insufficient output sanitization in TCExam 14.2.2 allows a remote, unauthenticated malicious user to conduct persistent cross-site scripting (XSS) attacks via the self-registration feature.
Tecnick Tcexam 14.2.2
312
VMScore
CVE-2020-5749
Insufficient output sanitization in TCExam 14.2.2 allows a remote, authenticated malicious user to conduct persistent cross-site scripting (XSS) attacks by creating a crafted group.
Tecnick Tcexam 14.2.2
383
VMScore
CVE-2020-5750
Insufficient output sanitization in TCExam 14.2.2 allows a remote, unauthenticated malicious user to conduct persistent cross-site scripting (XSS) attacks via the self-registration feature.
Tecnick Tcexam 14.2.2
312
VMScore
CVE-2020-5751
Insufficient output sanitization in TCExam 14.2.2 allows a remote, authenticated malicious user to conduct persistent cross-site scripting (XSS) attacks by creating a crafted operator.
Tecnick Tcexam 14.2.2
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started