Vulnerability Database

291,049

Total vulnerabilities in the database

CVE-2010-2153

Unrestricted file upload vulnerability in admin/code/tce_functions_tcecode_editor.php in TCExam 10.1.006 and 10.1.007 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in cache/.

  • Published: Jun 3, 2010
  • Updated: Apr 13, 2023
  • CVE: CVE-2010-2153
  • Severity: Medium
  • Exploit:

CVSS v2:

  • Severity: Medium
  • Score: 6.8
  • AV:N/AC:M/Au:N/C:P/I:P/A:P

No CWE or OWASP classifications available.

Software From Fixed in
tecnick / tcexam 10.1.007 10.1.007.x
tecnick / tcexam 10.1.006 10.1.006.x