cbcvebase.
CVE-2007-2430
published 2007-05-02

CVE-2007-2430: shared/code/tce_tmx.php in TCExam 4.0.011 and earlier allows remote attackers to create arbitrary PHP files in cache/ by placing file contents and directory…

PriorityP343high7.8CVSS 2.0
AVNACLAuNCNICAN
EXPLOIT
EPSS
3.70%
88.4th percentile
shared/code/tce_tmx.php in TCExam 4.0.011 and earlier allows remote attackers to create arbitrary PHP files in cache/ by placing file contents and directory traversal manipulations into a SessionUserLang cookie to public/code/index.php.

Affected

1 ranges
VendorProductVersion rangeFixed in
tecnick.comtcexam<= 4.0.011
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.