Known Vulnerabilities for products from Tecnick
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Tecnick".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-4169 json | Not Provided | 2026-03-16 | 2026-03-16 | |
| CVE-2026-4168 json | Not Provided | 2026-03-16 | 2026-03-16 | |
| CVE-2021-20116 json | A reflected cross-site scripting vulnerability exists in TCExam <= 14.8.4. The paths provided in the f, d, and dir parameters... | 6.1 - MEDIUM | 2021-08-05 | 2021-08-12 |
| CVE-2021-20115 json | A reflected cross-site scripting vulnerability exists in TCExam <= 14.8.3. The paths provided in the f, d, and dir parameters... | 6.1 - MEDIUM | 2021-08-05 | 2021-08-12 |
| CVE-2021-20114 json | When installed following the default/recommended settings, TCExam <= 14.8.1 allowed unauthenticated users to access the /cach... | 7.5 - HIGH | 2021-07-30 | 2022-07-12 |
| CVE-2021-20113 json | An exposure of sensitive information vulnerability exists in TCExam <= 14.8.1. If a password reset request was made for an em... | 5.3 - MEDIUM | 2021-07-30 | 2021-08-02 |
| CVE-2021-20112 json | A stored cross-site scripting vulnerability exists in TCExam <= 14.8.1. Valid files uploaded via tce_select_mediafile.php wit... | 5.4 - MEDIUM | 2021-07-30 | 2021-08-02 |
| CVE-2021-20111 json | A stored cross-site scripting vulnerability exists in TCExam <= 14.8.1. Valid files uploaded via tce_filemanager.php with a f... | 5.4 - MEDIUM | 2021-07-30 | 2021-08-02 |
| CVE-2020-5751 json | Insufficient output sanitization in TCExam 14.2.2 allows a remote, authenticated attacker to conduct persistent cross-site sc... | 5.4 - MEDIUM | 2020-05-07 | 2020-05-11 |
| CVE-2020-5750 json | Insufficient output sanitization in TCExam 14.2.2 allows a remote, unauthenticated attacker to conduct persistent cross-site ... | 6.1 - MEDIUM | 2020-05-07 | 2020-05-11 |
| CVE-2020-5749 json | Insufficient output sanitization in TCExam 14.2.2 allows a remote, authenticated attacker to conduct persistent cross-site sc... | 5.4 - MEDIUM | 2020-05-07 | 2020-05-11 |
| CVE-2020-5748 json | Insufficient output sanitization in TCExam 14.2.2 allows a remote, unauthenticated attacker to conduct persistent cross-site ... | 6.1 - MEDIUM | 2020-05-07 | 2020-05-11 |
| CVE-2020-5747 json | Insufficient output sanitization in TCExam 14.2.2 allows a remote, authenticated attacker to conduct persistent cross-site sc... | 5.4 - MEDIUM | 2020-05-07 | 2020-05-11 |
| CVE-2020-5746 json | Insufficient output sanitization in TCExam 14.2.2 allows a remote, authenticated attacker to conduct persistent cross-site sc... | 5.4 - MEDIUM | 2020-05-07 | 2020-05-11 |
| CVE-2020-5745 json | Cross-site request forgery in TCExam 14.2.2 allows a remote attacker to perform sensitive application actions by tricking leg... | 7.4 - HIGH | 2020-05-07 | 2021-07-21 |
| CVE-2020-5744 json | Relative Path Traversal in TCExam 14.2.2 allows a remote, authenticated attacker to read the contents of arbitrary files on d... | 4.9 - MEDIUM | 2020-05-07 | 2020-05-13 |
| CVE-2020-5743 json | Improper Control of Resource Identifiers in TCExam 14.2.2 allows a remote, authenticated attacker to access test metadata for... | 4.3 - MEDIUM | 2020-05-07 | 2021-07-21 |
| CVE-2018-17057 json | An issue was discovered in TCPDF before 6.2.22. Attackers can trigger deserialization of arbitrary data via the phar:// wrapp... | 9.8 - CRITICAL | 2018-09-14 | 2019-04-26 |
| CVE-2018-13422 json | TCExam before 14.1.2 has XSS via an ff_ or xl_ field. | 6.1 - MEDIUM | 2018-07-07 | 2018-08-27 |
| CVE-2012-4602 json | Multiple cross-site scripting (XSS) vulnerabilities in admin/code/tce_select_users_popup.php in Nicola Asuni TCExam before 11... | Not Provided | 2012-11-23 | 2026-04-29 |
Known software with vulnerabilities from Tecnick
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Tecnick | Tcexam | 10.1.000 |