Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
2.1
CVSSv2

CVE-2012-4238

Published: 20/08/2012 Updated: 07/11/2023
CVSS v2 Base Score: 2.1 | Impact Score: 2.9 | Exploitability Score: 3.9
VMScore: 187
Vector: AV:N/AC:H/Au:S/C:N/I:P/A:N
Subscribe to Tcexam

Vulnerability Summary

Cross-site scripting (XSS) vulnerability in admin/code/tce_edit_answer.php in TCExam prior to 11.3.008 allows remote authenticated users with level 5 or greater permissions to inject arbitrary web script or HTML via the question_subject_id parameter.

Vulnerable Product Search on Vulmon Subscribe to Product

tecnick tcexam 11.1.019

tecnick tcexam 11.3.000

tecnick tcexam 10.1.013

tecnick tcexam 10.1.007

tecnick tcexam 11.2.016

tecnick tcexam 11.2.032

tecnick tcexam 11.2.005

tecnick tcexam 11.1.004

tecnick tcexam 11.1.021

tecnick tcexam 11.1.006

tecnick tcexam 10.1.005

tecnick tcexam 11.0.009

tecnick tcexam 11.0.016

tecnick tcexam 10.1.002

tecnick tcexam 10.1.011

tecnick tcexam 11.2.020

tecnick tcexam 11.2.000

tecnick tcexam 11.0.015

tecnick tcexam 11.2.003

tecnick tcexam 11.0.001

tecnick tcexam 11.2.010

tecnick tcexam 11.2.021

tecnick tcexam 11.1.007

tecnick tcexam 11.2.028

tecnick tcexam 10.1.012

tecnick tcexam 11.1.001

tecnick tcexam 11.1.028

tecnick tcexam 11.1.011

tecnick tcexam 11.0.003

tecnick tcexam 11.1.012

tecnick tcexam 11.1.013

tecnick tcexam 11.3.002

tecnick tcexam 11.2.007

tecnick tcexam 11.2.029

tecnick tcexam 11.0.012

tecnick tcexam 11.1.025

tecnick tcexam 11.2.015

tecnick tcexam 11.1.023

tecnick tcexam 11.0.011

tecnick tcexam 11.1.009

tecnick tcexam 10.1.004

tecnick tcexam 10.1.009

tecnick tcexam 11.0.004

tecnick tcexam 11.1.031

tecnick tcexam 11.0.010

tecnick tcexam 11.2.013

tecnick tcexam 11.1.010

tecnick tcexam 11.2.030

tecnick tcexam 10.1.003

tecnick tcexam 10.1.010

tecnick tcexam 11.0.008

tecnick tcexam 11.2.004

tecnick tcexam 11.1.003

tecnick tcexam 11.0.000

tecnick tcexam 11.2.002

tecnick tcexam 11.1.018

tecnick tcexam 11.1.022

tecnick tcexam 11.0.007

tecnick tcexam 11.1.000

tecnick tcexam 11.3.006

tecnick tcexam 11.1.017

tecnick tcexam 11.1.020

tecnick tcexam 11.0.006

tecnick tcexam 11.3.003

tecnick tcexam 11.1.026

tecnick tcexam 10.1.006

tecnick tcexam 11.2.022

tecnick tcexam 11.3.004

tecnick tcexam 11.1.016

tecnick tcexam 11.1.024

tecnick tcexam

tecnick tcexam 11.0.002

tecnick tcexam 10.1.000

tecnick tcexam 11.0.013

tecnick tcexam 11.2.025

tecnick tcexam 11.2.018

tecnick tcexam 11.2.027

tecnick tcexam 11.1.014

tecnick tcexam 11.2.017

tecnick tcexam 11.3.001

tecnick tcexam 11.0.005

tecnick tcexam 11.2.026

tecnick tcexam 11.1.002

tecnick tcexam 11.2.023

tecnick tcexam 10.1.001

tecnick tcexam 11.2.011

tecnick tcexam 11.1.027

tecnick tcexam 11.1.008

tecnick tcexam 11.2.012

tecnick tcexam 11.2.006

tecnick tcexam 11.3.005

tecnick tcexam 11.0.014

tecnick tcexam 11.2.014

tecnick tcexam 11.1.005

tecnick tcexam 11.2.031

tecnick tcexam 11.1.030

tecnick tcexam 11.1.029

tecnick tcexam 11.2.001

tecnick tcexam 11.1.015

tecnick tcexam 10.1.008

tecnick tcexam 11.2.008

Exploits

Exploit DB: TCExam 11.3.007 Cross Site Scripting
TCExam version 113007 suffers from a cross site scripting vulnerability ...

References

CWE-79http://www.reactionpenetrationtesting.co.uk/tcexam-cross-site-scripting.htmlhttp://archives.neohapsis.com/archives/bugtraq/2012-08/0090.htmlhttp://freecode.com/projects/tcexam/releases/347125http://secunia.com/advisories/50141http://tcexam.git.sourceforge.net/git/gitweb.cgi?p=tcexam/tcexam%3Bh=edf6e08622642f1b2421f4355d98250d9e1b0742https://nvd.nist.govhttps://packetstormsecurity.com/files/115502/TCExam-11.3.007-Cross-Site-Scripting.html
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2006-4304CVE-2024-4240arbitrary CVE-2024-31601XSSCVE-2023-20198CVE-2024-4256CVE-2024-3342encryption
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook