Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo

Educational

TCExam

TCExam is a FLOSS system for electronic exams (also know as CBA - Computer-Based Assessment CBT - Computer-Based Testing or e-exam) that enables educators and trainers to author schedule deliver and report on quizzes tests and exams.

Official Site:

https://tcexam.org/

Severity Summary:

High: 2 Medium: 20 Low: 1
Reference
Title
Severity
CVE-2020-5745
TCExam Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
High
CVE-2021-20114
TCExam Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
High
CVE-2020-5751
TCExam Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2012-4237
TCExam Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
Medium
CVE-2021-20111
TCExam Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2021-20112
TCExam Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2021-20113
TCExam Observable Differences in Behavior to Error Inputs Vulnerability
Medium
CVE-2021-20115
TCExam Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2021-20116
TCExam Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2010-2153
TCExam Other Vulnerability
Medium
CVE-2011-3806
TCExam Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Medium
CVE-2012-4601
TCExam Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
Medium
CVE-2020-5750
TCExam Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2012-4602
TCExam Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2018-13422
TCExam Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2020-5743
TCExam Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Medium
CVE-2020-5744
TCExam Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability
Medium
CVE-2020-5746
TCExam Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2020-5747
TCExam Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2020-5748
TCExam Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2020-5749
TCExam Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2023-6554
TCExam Missing Authorization Vulnerability
Medium
CVE-2012-4238
TCExam Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Low