CVE Tools

tecnick

OSS Librariesindividual-dev

16

Cumulative CVEs

5

Monthly snapshots

#74

Peak rank

Top products

Latest CVEs

The 15 most recently published vulnerabilities affecting tecnick.

CVE-2026-4169Tecnick TCExam XML Export tce_xml_users.php F_xml_export_users cross site scripting2.4Mar 15, 2026
CVE-2026-4168Tecnick TCExam Group tce_edit_group.php cross site scripting2.4Mar 15, 2026
CVE-2025-23176Tecnick – CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')8.8Apr 22, 2025
CVE-2025-23175Tecnick - Multiple XSS (CWE-79)6.1Apr 22, 2025
CVE-2024-47926Tecnick TCExam – CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')9.8Dec 30, 2024
CVE-2024-47925Tecnick TCExam – Multiple CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')7.5Dec 30, 2024
CVE-2024-56527An issue was discovered in TCPDF before 6.8.0. The Error function lacks an htmlspecialchars call for the error message.7.5Dec 27, 2024
CVE-2024-56522An issue was discovered in TCPDF before 6.8.0. unserializeTCPDFtag uses != (aka loose comparison) and does not use a constant-time function to compare TCPDF tag hashes.7.5Dec 27, 2024
CVE-2024-56521An issue was discovered in TCPDF before 6.8.0. If libcurl is used, CURLOPT_SSL_VERIFYHOST and CURLOPT_SSL_VERIFYPEER are set unsafely.9.8Dec 27, 2024
CVE-2024-56520An issue was discovered in tc-lib-pdf-font before 2.6.4, as used in TCPDF before 6.8.0 and other products. Fonts are mishandled, e.g., FontBBox for Type 1 and TrueType fonts is misparsed.7.3Dec 27, 2024
CVE-2024-56519An issue was discovered in TCPDF before 6.8.0. setSVGStyles does not sanitize the SVG font-family attribute.7.5Dec 27, 2024
CVE-2023-6554Missing authorisation in TCExam6.5Jan 11, 2024
CVE-2021-20116A reflected cross-site scripting vulnerability exists in TCExam <= 14.8.4. The paths provided in the f, d, and dir parameters in tce_select_mediafile.php were not properly validated and could cause...6.1Aug 5, 2021
CVE-2021-20115A reflected cross-site scripting vulnerability exists in TCExam <= 14.8.3. The paths provided in the f, d, and dir parameters in tce_filemanager.php were not properly validated and could cause refl...6.1Aug 5, 2021
CVE-2021-20114When installed following the default/recommended settings, TCExam <= 14.8.1 allowed unauthenticated users to access the /cache/backup/ directory, which included sensitive database backup files.7.5Jul 29, 2021