Information Disclosure Vulnerability in TCExam by TCExam
CVE-2011-3806

Currently unrated

Key Information:

Vendor: Tecnick
Status: Tcexam
Vendor: CVE Published:; 24 September 2011

What is CVE-2011-3806?

TCExam version 11.1.015 is vulnerable to an information disclosure flaw that enables remote attackers to gain access to sensitive information through direct requests to specific PHP files. This vulnerability can reveal the installation path of the application in error messages, which poses a risk for further exploitation. Attackers can leverage this flaw by accessing the public/code/tce_page_footer.php file among others, leading to potential unauthorized access and breaches.

References

http://code.google.com/p/inspathx/source/browse/trunk/pat...

x_refsource_MISC

http://www.openwall.com/lists/oss-security/2011/06/27/6

mailing-listx_refsource_MLIST

http://code.google.com/p/inspathx/source/browse/trunk/pat...

x_refsource_MISC

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Sep 24, 2011

Tecnick

What is CVE-2011-3806?

References

Timeline