CVE-2010-2153

CVE-2010-2153 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

Unrestricted file upload vulnerability in admin/code/tce_functions_tcecode_editor.php in TCExam 10.1.006 and 10.1.007 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in cache/.

Learn more about our Web Application Penetration Testing UK.