Vulnerabilidades em tecnick
11 resultadosCVE-2024-56521CRITICALAn issue was discovered in TCPDF before 6.8.0. If libcurl is used, CURLOPT_SSL_VERIFYHOST and CURLOPT_SSL_VERIFYPEER are set unsafely.EPSS 0.7%CVE-2024-56527HIGHAn issue was discovered in TCPDF before 6.8.0. The Error function lacks an htmlspecialchars call for the error message.EPSS 0.7%CVE-2024-56519HIGHAn issue was discovered in TCPDF before 6.8.0. setSVGStyles does not sanitize the SVG font-family attribute.EPSS 0.6%CVE-2024-56522HIGHAn issue was discovered in TCPDF before 6.8.0. unserializeTCPDFtag uses != (aka loose comparison) and does not use a constant-time function EPSS 0.6%CVE-2024-47926CRITICALTecnick TCExam – CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')EPSS 0.5%CVE-2024-56520HIGHAn issue was discovered in tc-lib-pdf-font before 2.6.4, as used in TCPDF before 6.8.0 and other products. Fonts are mishandled, e.g., FontBEPSS 0.5%CVE-2024-47925HIGHTecnick TCExam – Multiple CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')EPSS 0.5%CVE-2025-23176HIGHTecnick – CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')EPSS 0.4%CVE-2026-4168MEDIUMTecnick TCExam Group tce_edit_group.php cross site scriptingEPSS 0.3%CVE-2026-4169MEDIUMTecnick TCExam XML Export tce_xml_users.php F_xml_export_users cross site scriptingEPSS 0.2%CVE-2025-23175MEDIUMTecnick - Multiple XSS (CWE-79)EPSS 0.2%