TCExam version 11.1.029 suffers from a remote SQL injection vulnerability.
900162c3dfeb68ad88e2af92c699d344c1a2c090365b7b9f726135337f287e5e
------------------------------------------------------------------------
Software................TCExam 11.1.029
Vulnerability...........SQL Injection
Threat Level............Serious (3/5)
Download................https://www.tcexam.org/
Discovery Date..........5/2/2011
Tested On...............Windows Vista + XAMPP
------------------------------------------------------------------------
Author..................AutoSec Tools
Site....................https://www.autosectools.com/
Email...................John Leitch <john@autosectools.com>
------------------------------------------------------------------------
--Description--
A sql injection vulnerability in TCExam 11.1.029 can be exploited to
extract arbitrary data.
--PoC--
https://localhost/tcexam/admin/code/tce_xml_user_results.php?lang=&user_id=1&startdate=[SQL]&enddate=[SQL]&order_field=[SQL]