Browse all 11 CVE security advisories affecting Tecnick. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Tecnick develops PHP libraries and tools for web application development, primarily serving developers who integrate these components into their projects. Historically, vulnerabilities in their software have frequently involved remote code execution, cross-site scripting, and privilege escalation, often stemming from insufficient input validation and insecure default configurations. While no major public security incidents have been widely documented, the 11 CVEs on record indicate consistent but manageable security challenges. Their codebase typically requires careful implementation and regular updates to mitigate risks, as many issues arise from improper usage rather than fundamental design flaws.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-4169 | Tecnick TCExam XML Export tce_xml_users.php F_xml_export_users cross site scripting — TCExamCWE-79 | 2.4 | Low | 2026-03-15 |
| CVE-2026-4168 | Tecnick TCExam Group tce_edit_group.php cross site scripting — TCExamCWE-79 | 2.4 | Low | 2026-03-15 |
| CVE-2025-23176 | Tecnick – CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') — TCExamCWE-89 | 8.8 | High | 2025-04-22 |
| CVE-2025-23175 | Tecnick - Multiple XSS (CWE-79) — TCExamCWE-79 | 6.1 | Medium | 2025-04-22 |
| CVE-2024-47926 | Tecnick TCExam – CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') — TCExamCWE-89 | 9.8 | Critical | 2024-12-30 |
| CVE-2024-47925 | Tecnick TCExam – Multiple CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') — TCExamCWE-79 | 7.5 | High | 2024-12-30 |
This page lists every published CVE security advisory associated with Tecnick. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.