Vulnerability in Tecnick.com Tcexam

CVE-2007-2430

shared/code/tce_tmx.php in TCExam 4.0.011 and earlier allows remote attackers to create arbitrary PHP files in cache/ by placing file contents and directory traversal manipulations into a SessionUserLang cookie to public/code/index.php.

EPSS: 0.037 (88.4th percentile) — read the EPSS interpretation.

Affected products

References