CVE-2012-4602 in TCExaminfo

Summary

Multiple cross-site scripting (XSS) vulnerabilities in admin/code/tce_select_users_popup.php in Nicola Asuni TCExam before 11.3.009 allow remote attackers to inject arbitrary web script or HTML via the (1) cid or (2) uids parameter.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

Reservation

08/22/2012

Disclosure

11/23/2012

Status

Confirmed

Entries

VulDB provides additional information and datapoints for this CVE:

ID	Vulnerability	CWE	Exp	Cou	CVE
63031	Tecnick TCExam cross site scripting	79	Not defined	Official fix	CVE-2012-4602

Description

CPE

CWE

CVSS

Exploits

History

Diff

Relate

Threat Intelligence

API JSON

API XML

API CSV

Sources

MITRE
NVD
CVE Details

◂ PreviousOverviewNext ▸

Interested in the pricing of exploits?

See the underground prices here!