Vulnerability in Tecnick.com Tcexam
CVE-2007-2431
Dynamic variable evaluation vulnerability in shared/config/tce_config.php in TCExam 4.0.011 and earlier allows remote attackers to conduct cross-site scripting (XSS) and possibly other attacks by modifying critical variables such as $_SERV…
EPSS: 0.051 (91.3th percentile) — read the EPSS interpretation.
Affected products
- Tecnick.com Tcexam
- N/a — versions n/a
References
- cve@mitre.org (x_refsource_SECUNIA, third-party-advisory)
- cve@mitre.org (x_refsource_CONFIRM, Patch)
- cve@mitre.org (vdb-entry, x_refsource_BID)
- cve@mitre.org (mailing-list, x_refsource_VIM)
- cve@mitre.org (vdb-entry, x_refsource_XF)
- cve@mitre.org (exploit, x_refsource_EXPLOIT-DB)