SQL Injection Vulnerabilities in TCExam by SourceForge
CVE-2012-4237

Currently unrated

Key Information:

Vendor

Tecnick

Status
Tcexam
Vendor
CVE Published:
20 August 2012

What is CVE-2012-4237?

TCExam versions before 11.3.008 are susceptible to multiple SQL injection vulnerabilities. Authenticated users with level 5 or higher permissions can exploit these vulnerabilities to execute arbitrary SQL commands. This can occur through the subject_module_id parameter when accessing specific scripts such as tce_edit_answer.php or tce_edit_question.php. This flaw poses significant risks for data integrity and security, allowing unauthorized access to sensitive information.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.securityfocus.com/bid/54861
vdb-entryx_refsource_BID
http://tcexam.git.sourceforge.net/git/gitweb.cgi?p=tcexam...
x_refsource_CONFIRM
http://archives.neohapsis.com/archives/bugtraq/2012-08/00...
mailing-listx_refsource_BUGTRAQ

Timeline

  • Vulnerability Reserved

  • Vulnerability published

JSON
.