{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "Multiple SQL injection vulnerabilities in Nicola Asuni TCExam before 11.3.009 allow remote authenticated users with level 5 or greater permissions to execute arbitrary SQL commands via the (1) user_groups[] parameter to admin/code/tce_edit_test.php or (2) subject_id parameter to admin/code/tce_show_all_questions.php."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2022-10-03T16:15:34", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://tcexam.git.sourceforge.net/git/gitweb.cgi?p=tcexam/tcexam%3Ba=commit%3Bh=3e1ed3c02122eae182f076daabe903b0c8837971"}, {"name": "50539", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/50539"}, {"tags": ["x_refsource_MISC"], "url": "https://www.htbridge.com/advisory/HTB23111"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://sourceforge.net/projects/tcexam/files/CHANGELOG.TXT/view"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://freecode.com/projects/tcexam/releases/347588"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2012-4601", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Multiple SQL injection vulnerabilities in Nicola Asuni TCExam before 11.3.009 allow remote authenticated users with level 5 or greater permissions to execute arbitrary SQL commands via the (1) user_groups[] parameter to admin/code/tce_edit_test.php or (2) subject_id parameter to admin/code/tce_show_all_questions.php."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://tcexam.git.sourceforge.net/git/gitweb.cgi?p=tcexam/tcexam;a=commit;h=3e1ed3c02122eae182f076daabe903b0c8837971", "refsource": "CONFIRM", "url": "http://tcexam.git.sourceforge.net/git/gitweb.cgi?p=tcexam/tcexam;a=commit;h=3e1ed3c02122eae182f076daabe903b0c8837971"}, {"name": "50539", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/50539"}, {"name": "https://www.htbridge.com/advisory/HTB23111", "refsource": "MISC", "url": "https://www.htbridge.com/advisory/HTB23111"}, {"name": "http://sourceforge.net/projects/tcexam/files/CHANGELOG.TXT/view", "refsource": "CONFIRM", "url": "http://sourceforge.net/projects/tcexam/files/CHANGELOG.TXT/view"}, {"name": "http://freecode.com/projects/tcexam/releases/347588", "refsource": "CONFIRM", "url": "http://freecode.com/projects/tcexam/releases/347588"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2012-4601", "datePublished": "2022-10-03T16:15:34", "dateReserved": "2022-10-03T00:00:00", "dateUpdated": "2022-10-03T16:15:34", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:tecnick:tcexam:*:*:*:*:*:*:*:*", "matchCriteriaId": "720C9C12-DC66-42E3-94DF-FBED5023F998", "versionEndIncluding": "11.3.008", "vulnerable": true}, {"criteria": "cpe:2.3:a:tecnick:tcexam:10.1.000:*:*:*:*:*:*:*", "matchCriteriaId": "7287E93F-9B5A-4A4F-A0F3-BA61F229337D", "vulnerable": true}, {"criteria": "cpe:2.3:a:tecnick:tcexam:10.1.001:*:*:*:*:*:*:*", "matchCriteriaId": "DE304D45-FE2F-4B44-A74F-89EDD949E08B", "vulnerable": true}, {"criteria": "cpe:2.3:a:tecnick:tcexam:10.1.002:*:*:*:*:*:*:*", "matchCriteriaId": "4659BFFA-C0D4-4157-9FE9-95E75DF98DBA", "vulnerable": true}, {"criteria": "cpe:2.3:a:tecnick:tcexam:10.1.003:*:*:*:*:*:*:*", "matchCriteriaId": "06774079-FBA2-4CFB-952E-F9D6EBC99E9A", "vulnerable": true}, {"criteria": "cpe:2.3:a:tecnick:tcexam:10.1.004:*:*:*:*:*:*:*", "matchCriteriaId": "3632C110-123E-42FB-B885-86AC0496A840", "vulnerable": true}, {"criteria": "cpe:2.3:a:tecnick:tcexam:10.1.005:*:*:*:*:*:*:*", "matchCriteriaId": "3C0E7752-888C-4103-BA46-0688A6940FF4", "vulnerable": true}, {"criteria": "cpe:2.3:a:tecnick:tcexam:10.1.006:*:*:*:*:*:*:*", "matchCriteriaId": "0DBCCBE8-6E31-4214-A8F2-7740CF8CFC59", "vulnerable": true}, {"criteria": "cpe:2.3:a:tecnick:tcexam:10.1.007:*:*:*:*:*:*:*", "matchCriteriaId": "78E43A8F-11C8-475A-B278-E66BD2D0BEED", "vulnerable": true}, {"criteria": "cpe:2.3:a:tecnick:tcexam:10.1.008:*:*:*:*:*:*:*", "matchCriteriaId": "2CEFF0BC-3282-4EEC-B648-D7FB66687A22", "vulnerable": true}, {"criteria": "cpe:2.3:a:tecnick:tcexam:10.1.009:*:*:*:*:*:*:*", "matchCriteriaId": "2820AE77-E25C-4DBD-B26A-00A5F4190AA8", "vulnerable": true}, {"criteria": "cpe:2.3:a:tecnick:tcexam:10.1.010:*:*:*:*:*:*:*", "matchCriteriaId": "2C7E4A66-24A5-441B-BCFA-1BF795E842EF", "vulnerable": true}, {"criteria": "cpe:2.3:a:tecnick:tcexam:10.1.011:*:*:*:*:*:*:*", "matchCriteriaId": "17D047F5-C69A-4E0D-8BF8-23FE201FBB13", "vulnerable": true}, {"criteria": "cpe:2.3:a:tecnick:tcexam:10.1.012:*:*:*:*:*:*:*", "matchCriteriaId": "7842126B-A64F-41A0-A4B5-E52CF552CFBC", "vulnerable": true}, {"criteria": "cpe:2.3:a:tecnick:tcexam:10.1.013:*:*:*:*:*:*:*", "matchCriteriaId": "E1E25193-4968-40FE-BA54-2C0E25DB0F15", "vulnerable": true}, {"criteria": "cpe:2.3:a:tecnick:tcexam:11.0.000:*:*:*:*:*:*:*", "matchCriteriaId": "513E6FB7-1B5B-4F5D-8F36-508C2472715F", "vulnerable": true}, {"criteria": "cpe:2.3:a:tecnick:tcexam:11.0.001:*:*:*:*:*:*:*", "matchCriteriaId": "D5D89D08-EECF-4C81-9E94-911B1A2370D1", "vulnerable": true}, {"criteria": "cpe:2.3:a:tecnick:tcexam:11.0.002:*:*:*:*:*:*:*", "matchCriteriaId": "6726BE74-A015-4936-B5B9-85EA080222C8", "vulnerable": true}, {"criteria": "cpe:2.3:a:tecnick:tcexam:11.0.003:*:*:*:*:*:*:*", "matchCriteriaId": "97AC229D-0885-45D3-A780-C29E21663D33", "vulnerable": true}, {"criteria": "cpe:2.3:a:tecnick:tcexam:11.0.004:*:*:*:*:*:*:*", "matchCriteriaId": "4CE5A37B-6EC8-4790-AA80-4F1948B657FE", "vulnerable": true}, {"criteria": "cpe:2.3:a:tecnick:tcexam:11.0.005:*:*:*:*:*:*:*", "matchCriteriaId": "9DBF0674-291C-4793-8CBA-A0B2C09BD0BC", "vulnerable": true}, {"criteria": "cpe:2.3:a:tecnick:tcexam:11.0.006:*:*:*:*:*:*:*", "matchCriteriaId": "DC62D410-2928-489D-B297-9EC831A1C53E", "vulnerable": true}, {"criteria": "cpe:2.3:a:tecnick:tcexam:11.0.007:*:*:*:*:*:*:*", "matchCriteriaId": "CC254B57-3DAB-4EDE-A852-627AEDBC7AFB", "vulnerable": true}, {"criteria": "cpe:2.3:a:tecnick:tcexam:11.0.008:*:*:*:*:*:*:*", "matchCriteriaId": "8DD2B624-838B-4832-9965-1DBB876F5A75", "vulnerable": true}, {"criteria": "cpe:2.3:a:tecnick:tcexam:11.0.009:*:*:*:*:*:*:*", "matchCriteriaId": "8DFF2AAB-59BB-4ED7-AC95-44C96DB1080A", "vulnerable": true}, {"criteria": "cpe:2.3:a:tecnick:tcexam:11.0.010:*:*:*:*:*:*:*", "matchCriteriaId": "115D55DB-8751-41B3-A600-78519A460650", "vulnerable": true}, {"criteria": "cpe:2.3:a:tecnick:tcexam:11.0.011:*:*:*:*:*:*:*", "matchCriteriaId": "1CD38E1D-F056-4882-848C-58173731AA7C", "vulnerable": true}, {"criteria": "cpe:2.3:a:tecnick:tcexam:11.0.012:*:*:*:*:*:*:*", "matchCriteriaId": "CB7B398D-9665-4DF8-9099-F0DA551E0948", "vulnerable": true}, {"criteria": "cpe:2.3:a:tecnick:tcexam:11.0.013:*:*:*:*:*:*:*", "matchCriteriaId": "56B37604-4480-436B-B159-0A947A1BAC19", "vulnerable": true}, {"criteria": "cpe:2.3:a:tecnick:tcexam:11.0.014:*:*:*:*:*:*:*", "matchCriteriaId": "4DF176B7-EF7E-43FB-8F92-BD6112FD1009", "vulnerable": true}, {"criteria": "cpe:2.3:a:tecnick:tcexam:11.0.015:*:*:*:*:*:*:*", "matchCriteriaId": "CE9A4527-F17F-4C2A-B3CE-58059903C091", "vulnerable": true}, {"criteria": "cpe:2.3:a:tecnick:tcexam:11.0.016:*:*:*:*:*:*:*", "matchCriteriaId": "14C26608-F7C4-4809-AA66-E03DEBC9E858", "vulnerable": true}, {"criteria": "cpe:2.3:a:tecnick:tcexam:11.1.000:*:*:*:*:*:*:*", "matchCriteriaId": "391AF446-5D84-41DE-A102-F17E2674DB53", "vulnerable": true}, {"criteria": "cpe:2.3:a:tecnick:tcexam:11.1.001:*:*:*:*:*:*:*", "matchCriteriaId": "40AB17EC-85A6-431D-A104-0592FD83DA0E", "vulnerable": true}, {"criteria": "cpe:2.3:a:tecnick:tcexam:11.1.002:*:*:*:*:*:*:*", "matchCriteriaId": "1457CD43-32D3-4A07-AE32-863661002BE7", "vulnerable": true}, {"criteria": "cpe:2.3:a:tecnick:tcexam:11.1.003:*:*:*:*:*:*:*", "matchCriteriaId": "78C75386-A50D-48CF-8127-221B9BB8A405", "vulnerable": true}, {"criteria": "cpe:2.3:a:tecnick:tcexam:11.1.004:*:*:*:*:*:*:*", "matchCriteriaId": "1947F0AC-4542-43C3-A7CA-268E8981CFF8", "vulnerable": true}, {"criteria": "cpe:2.3:a:tecnick:tcexam:11.1.005:*:*:*:*:*:*:*", "matchCriteriaId": "87A6F355-E90C-45F5-924A-2E273C17A77A", "vulnerable": true}, {"criteria": "cpe:2.3:a:tecnick:tcexam:11.1.006:*:*:*:*:*:*:*", "matchCriteriaId": "CA3C3DED-3F50-450F-89B5-4D926FAB7B06", "vulnerable": true}, {"criteria": "cpe:2.3:a:tecnick:tcexam:11.1.007:*:*:*:*:*:*:*", "matchCriteriaId": "0C7D7F46-F2FA-41E0-BCD3-0B32CC64F657", "vulnerable": true}, {"criteria": "cpe:2.3:a:tecnick:tcexam:11.1.008:*:*:*:*:*:*:*", "matchCriteriaId": "CBFF8EC6-6ADA-4B8A-ACE6-4F00107F2D48", "vulnerable": true}, {"criteria": "cpe:2.3:a:tecnick:tcexam:11.1.009:*:*:*:*:*:*:*", "matchCriteriaId": "0E643379-E31F-4C0C-92EB-C347D668191D", "vulnerable": true}, {"criteria": "cpe:2.3:a:tecnick:tcexam:11.1.010:*:*:*:*:*:*:*", "matchCriteriaId": "8FC974BF-33A5-4F6A-AF65-40E9A56DDCC4", "vulnerable": true}, {"criteria": "cpe:2.3:a:tecnick:tcexam:11.1.011:*:*:*:*:*:*:*", "matchCriteriaId": "249FE485-F3CD-45C7-8B21-786F6D50851A", "vulnerable": true}, {"criteria": "cpe:2.3:a:tecnick:tcexam:11.1.012:*:*:*:*:*:*:*", "matchCriteriaId": "628F72CC-306E-4CF8-9E8D-15CA2482D600", "vulnerable": true}, {"criteria": "cpe:2.3:a:tecnick:tcexam:11.1.013:*:*:*:*:*:*:*", "matchCriteriaId": "AF5E1468-0680-4CB2-8675-4722A8560607", "vulnerable": true}, {"criteria": "cpe:2.3:a:tecnick:tcexam:11.1.014:*:*:*:*:*:*:*", "matchCriteriaId": "62DECE89-EF33-49AC-869F-C3094596A451", "vulnerable": true}, {"criteria": "cpe:2.3:a:tecnick:tcexam:11.1.015:*:*:*:*:*:*:*", "matchCriteriaId": "CE2FF621-4ABC-4C9A-82A3-8151BADE4810", "vulnerable": true}, {"criteria": "cpe:2.3:a:tecnick:tcexam:11.1.016:*:*:*:*:*:*:*", "matchCriteriaId": "FECCD319-5F1C-4F47-867D-F12925E9AB49", "vulnerable": true}, {"criteria": "cpe:2.3:a:tecnick:tcexam:11.1.017:*:*:*:*:*:*:*", "matchCriteriaId": "33BF558B-6E25-4A19-A794-5ED34E110B17", "vulnerable": true}, {"criteria": "cpe:2.3:a:tecnick:tcexam:11.1.018:*:*:*:*:*:*:*", "matchCriteriaId": "0EC31BE4-D779-400A-BFAE-99F2EE4AE094", "vulnerable": true}, {"criteria": "cpe:2.3:a:tecnick:tcexam:11.1.019:*:*:*:*:*:*:*", "matchCriteriaId": "D15CD910-BE87-4BA0-B7A7-BC36D8C48EF1", "vulnerable": true}, {"criteria": "cpe:2.3:a:tecnick:tcexam:11.1.020:*:*:*:*:*:*:*", "matchCriteriaId": "7A7C1FC6-02C3-4BC5-9A37-6B66F4326CC3", "vulnerable": true}, {"criteria": "cpe:2.3:a:tecnick:tcexam:11.1.021:*:*:*:*:*:*:*", "matchCriteriaId": "2E218333-6250-484A-8829-3649CC1863C6", "vulnerable": true}, {"criteria": "cpe:2.3:a:tecnick:tcexam:11.1.022:*:*:*:*:*:*:*", "matchCriteriaId": "0ACF3998-A87D-4F00-846D-3698BD709B29", "vulnerable": true}, {"criteria": "cpe:2.3:a:tecnick:tcexam:11.1.023:*:*:*:*:*:*:*", "matchCriteriaId": "BCD3F95E-0212-4E82-86C4-5771EA5E623A", "vulnerable": true}, {"criteria": "cpe:2.3:a:tecnick:tcexam:11.1.024:*:*:*:*:*:*:*", "matchCriteriaId": "3CBC784A-4418-4B71-BB80-291B10063ACF", "vulnerable": true}, {"criteria": "cpe:2.3:a:tecnick:tcexam:11.1.025:*:*:*:*:*:*:*", "matchCriteriaId": "83B4FEEA-1BEC-4911-86E3-0AE963ADE644", "vulnerable": true}, {"criteria": "cpe:2.3:a:tecnick:tcexam:11.1.026:*:*:*:*:*:*:*", "matchCriteriaId": "C95867CE-CC40-4437-95CE-FE48F12857FD", "vulnerable": true}, {"criteria": "cpe:2.3:a:tecnick:tcexam:11.1.027:*:*:*:*:*:*:*", "matchCriteriaId": "85FCB6DF-4F02-4708-B256-4D28EEED7F54", "vulnerable": true}, {"criteria": "cpe:2.3:a:tecnick:tcexam:11.1.028:*:*:*:*:*:*:*", "matchCriteriaId": "01EA4845-0D85-4B97-A845-9F219E3964AA", "vulnerable": true}, {"criteria": "cpe:2.3:a:tecnick:tcexam:11.1.029:*:*:*:*:*:*:*", "matchCriteriaId": "F05DADC0-C60C-40DA-972E-7A49A499F620", "vulnerable": true}, {"criteria": "cpe:2.3:a:tecnick:tcexam:11.1.030:*:*:*:*:*:*:*", "matchCriteriaId": "A8BB8A45-6110-4EFD-84EF-CEF631AED597", "vulnerable": true}, {"criteria": "cpe:2.3:a:tecnick:tcexam:11.1.031:*:*:*:*:*:*:*", "matchCriteriaId": "18884A2F-9BAD-4EEC-89CC-0BB7F4AEF187", "vulnerable": true}, {"criteria": "cpe:2.3:a:tecnick:tcexam:11.2.000:*:*:*:*:*:*:*", "matchCriteriaId": "690F53C2-AACF-4E4E-AECE-E704ABBE13DB", "vulnerable": true}, {"criteria": "cpe:2.3:a:tecnick:tcexam:11.2.001:*:*:*:*:*:*:*", "matchCriteriaId": "E663B808-656C-4BB5-B3BB-552646FEE34E", "vulnerable": true}, {"criteria": "cpe:2.3:a:tecnick:tcexam:11.2.002:*:*:*:*:*:*:*", "matchCriteriaId": "24F23425-542D-4F24-A333-8F145C4F3D12", "vulnerable": true}, {"criteria": "cpe:2.3:a:tecnick:tcexam:11.2.003:*:*:*:*:*:*:*", "matchCriteriaId": "E1051C25-22AA-46DE-95F7-E6BC2CD6132D", "vulnerable": true}, {"criteria": "cpe:2.3:a:tecnick:tcexam:11.2.004:*:*:*:*:*:*:*", "matchCriteriaId": "08F962B2-C68F-439A-A20C-D57D846A70C0", "vulnerable": true}, {"criteria": "cpe:2.3:a:tecnick:tcexam:11.2.005:*:*:*:*:*:*:*", "matchCriteriaId": "4A75BABD-BE4F-4F7E-AFF4-1967B0B1BF9F", "vulnerable": true}, {"criteria": "cpe:2.3:a:tecnick:tcexam:11.2.006:*:*:*:*:*:*:*", "matchCriteriaId": "D7509949-207F-4938-B376-949C973AC1DE", "vulnerable": true}, {"criteria": "cpe:2.3:a:tecnick:tcexam:11.2.007:*:*:*:*:*:*:*", "matchCriteriaId": "1B9A489B-E4DD-4179-893D-48E929CAFAFF", "vulnerable": true}, {"criteria": "cpe:2.3:a:tecnick:tcexam:11.2.008:*:*:*:*:*:*:*", "matchCriteriaId": "C47C0F2F-1EE3-404A-A003-C8F9F506C6BD", "vulnerable": true}, {"criteria": "cpe:2.3:a:tecnick:tcexam:11.2.010:*:*:*:*:*:*:*", "matchCriteriaId": "EF152B01-2906-4E6A-81BD-AF4F603E7BE7", "vulnerable": true}, {"criteria": "cpe:2.3:a:tecnick:tcexam:11.2.011:*:*:*:*:*:*:*", "matchCriteriaId": "BB435B6A-DA82-47DF-AED0-FEF11B62FA50", "vulnerable": true}, {"criteria": "cpe:2.3:a:tecnick:tcexam:11.2.012:*:*:*:*:*:*:*", "matchCriteriaId": "A7A110C7-C934-4A91-AD58-FC57C95392EA", "vulnerable": true}, {"criteria": "cpe:2.3:a:tecnick:tcexam:11.2.013:*:*:*:*:*:*:*", "matchCriteriaId": "0CCEFB5C-421C-4438-AC97-6EB36B69384A", "vulnerable": true}, {"criteria": "cpe:2.3:a:tecnick:tcexam:11.2.014:*:*:*:*:*:*:*", "matchCriteriaId": "30B4A8FA-E94E-42BF-B6EB-18756A1EE127", "vulnerable": true}, {"criteria": "cpe:2.3:a:tecnick:tcexam:11.2.015:*:*:*:*:*:*:*", "matchCriteriaId": "9C3E7D7F-595E-44ED-8D4A-006E01860227", "vulnerable": true}, {"criteria": "cpe:2.3:a:tecnick:tcexam:11.2.016:*:*:*:*:*:*:*", "matchCriteriaId": "023D3754-DE1A-4CEC-929C-E54351CBBAB9", "vulnerable": true}, {"criteria": "cpe:2.3:a:tecnick:tcexam:11.2.017:*:*:*:*:*:*:*", "matchCriteriaId": "5E394EA4-EC91-4DEC-815E-8AEE71523267", "vulnerable": true}, {"criteria": "cpe:2.3:a:tecnick:tcexam:11.2.018:*:*:*:*:*:*:*", "matchCriteriaId": "CA482C25-3273-42D6-950F-B11148493278", "vulnerable": true}, {"criteria": "cpe:2.3:a:tecnick:tcexam:11.2.020:*:*:*:*:*:*:*", "matchCriteriaId": "67EA2A64-D0AA-4CAE-AF82-DC38AAE5FC0E", "vulnerable": true}, {"criteria": "cpe:2.3:a:tecnick:tcexam:11.2.021:*:*:*:*:*:*:*", "matchCriteriaId": "2F53E4CF-2607-4C32-99B2-23BF8E77FCBD", "vulnerable": true}, {"criteria": "cpe:2.3:a:tecnick:tcexam:11.2.022:*:*:*:*:*:*:*", "matchCriteriaId": "DE3FBC4C-BB09-4BCF-B1BA-D9FF8E8CD08C", "vulnerable": true}, {"criteria": "cpe:2.3:a:tecnick:tcexam:11.2.023:*:*:*:*:*:*:*", "matchCriteriaId": "AD4779BD-CA13-4FC3-BFF1-0ACC4F5BAF3B", "vulnerable": true}, {"criteria": "cpe:2.3:a:tecnick:tcexam:11.2.025:*:*:*:*:*:*:*", "matchCriteriaId": "1B8D1F95-ADC0-4D5D-A59E-AEFAE982A082", "vulnerable": true}, {"criteria": "cpe:2.3:a:tecnick:tcexam:11.2.026:*:*:*:*:*:*:*", "matchCriteriaId": "38B1398A-AA5A-4F8E-8A8A-3F009E1199D5", "vulnerable": true}, {"criteria": "cpe:2.3:a:tecnick:tcexam:11.2.027:*:*:*:*:*:*:*", "matchCriteriaId": "F4630664-A1B7-4836-9C73-A04346A63CCC", "vulnerable": true}, {"criteria": "cpe:2.3:a:tecnick:tcexam:11.2.028:*:*:*:*:*:*:*", "matchCriteriaId": "4B81BA0A-B5C3-4A3B-BE42-7A1ACA79A7D0", "vulnerable": true}, {"criteria": "cpe:2.3:a:tecnick:tcexam:11.2.029:*:*:*:*:*:*:*", "matchCriteriaId": "2527DDB7-0974-4A7D-A9C4-D9EC93E6BFEB", "vulnerable": true}, {"criteria": "cpe:2.3:a:tecnick:tcexam:11.2.030:*:*:*:*:*:*:*", "matchCriteriaId": "6D55F344-2EF0-42D8-8E10-010E86367D0A", "vulnerable": true}, {"criteria": "cpe:2.3:a:tecnick:tcexam:11.2.031:*:*:*:*:*:*:*", "matchCriteriaId": "DF17E462-7D75-4143-BCF1-D42D3B16D8FE", "vulnerable": true}, {"criteria": "cpe:2.3:a:tecnick:tcexam:11.2.032:*:*:*:*:*:*:*", "matchCriteriaId": "7A173A8C-54E9-444C-BB55-4497BD30DE90", "vulnerable": true}, {"criteria": "cpe:2.3:a:tecnick:tcexam:11.3.000:*:*:*:*:*:*:*", "matchCriteriaId": "CC938ABF-E674-4F51-BDD1-D73FBEEA76D8", "vulnerable": true}, {"criteria": "cpe:2.3:a:tecnick:tcexam:11.3.001:*:*:*:*:*:*:*", "matchCriteriaId": "83B1E4F3-B02C-4CC1-93DF-425E964513D9", "vulnerable": true}, {"criteria": "cpe:2.3:a:tecnick:tcexam:11.3.002:*:*:*:*:*:*:*", "matchCriteriaId": "2D9FEF84-F788-45F4-AE6A-C9E9824BAD09", "vulnerable": true}, {"criteria": "cpe:2.3:a:tecnick:tcexam:11.3.003:*:*:*:*:*:*:*", "matchCriteriaId": "353980D7-1E19-43E9-BDBF-77EA3DC87917", "vulnerable": true}, {"criteria": "cpe:2.3:a:tecnick:tcexam:11.3.004:*:*:*:*:*:*:*", "matchCriteriaId": "BB08D03E-740C-4F91-A3A3-BE439AF1981C", "vulnerable": true}, {"criteria": "cpe:2.3:a:tecnick:tcexam:11.3.005:*:*:*:*:*:*:*", "matchCriteriaId": "15FDBDB6-23E8-4498-BAD4-C1987D24B15C", "vulnerable": true}, {"criteria": "cpe:2.3:a:tecnick:tcexam:11.3.006:*:*:*:*:*:*:*", "matchCriteriaId": "49497479-5A67-4565-8506-5151D2990FAF", "vulnerable": true}, {"criteria": "cpe:2.3:a:tecnick:tcexam:11.3.007:*:*:*:*:*:*:*", "matchCriteriaId": "B6C55FFC-A514-4052-B174-AF07DD532CE8", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Multiple SQL injection vulnerabilities in Nicola Asuni TCExam before 11.3.009 allow remote authenticated users with level 5 or greater permissions to execute arbitrary SQL commands via the (1) user_groups[] parameter to admin/code/tce_edit_test.php or (2) subject_id parameter to admin/code/tce_show_all_questions.php."}, {"lang": "es", "value": "Multiples vulnerabilidades de inyecci\u00f3n SQL en Nicola Asuni TCExam anterior a v11.3.009 permite a usuarios remotos autenticados con nivel 5 o mayores permisos, ejecutar comandos SQL de su elecci\u00f3n a trav\u00e9s del par\u00e1metro (1) user_groups[] para admin/code/tce_edit_test.php o (2) subject_id para admin/code/tce_show_all_questions.php."}], "id": "CVE-2012-4601", "lastModified": "2023-11-07T02:11:54.647", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 6.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 6.8, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2012-11-23T20:55:03.883", "references": [{"source": "cve@mitre.org", "url": "http://freecode.com/projects/tcexam/releases/347588"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/50539"}, {"source": "cve@mitre.org", "tags": ["Patch"], "url": "http://sourceforge.net/projects/tcexam/files/CHANGELOG.TXT/view"}, {"source": "cve@mitre.org", "url": "http://tcexam.git.sourceforge.net/git/gitweb.cgi?p=tcexam/tcexam%3Ba=commit%3Bh=3e1ed3c02122eae182f076daabe903b0c8837971"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "https://www.htbridge.com/advisory/HTB23111"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-89"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}