{"id":"CVE-2020-5744","details":"Relative Path Traversal in TCExam 14.2.2 allows a remote, authenticated attacker to read the contents of arbitrary files on disk.","modified":"2026-04-10T04:27:43.471363Z","published":"2020-05-07T17:15:11.980Z","references":[{"type":"FIX","url":"https://www.tenable.com/security/research/tra-2020-31"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/tecnickcom/tcexam","events":[{"introduced":"0"},{"last_affected":"a84d81617b45538a32a46d7ef456a01f4e21e2fa"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"14.2.2"}]}}],"versions":["12.0.013","12.0.014","12.1.000","12.1.001","12.1.002","12.1.003","12.1.004","12.1.005","12.1.006","12.1.007","12.1.008","12.1.009","12.1.010","12.1.011","12.1.012","12.1.013","12.1.014","12.1.015","12.1.016","12.1.017","12.1.018","12.1.019","12.1.020","12.1.021","12.1.022","12.1.023","12.1.024","12.1.025","12.1.026","12.1.027","12.1.28","12.1.29","12.1.30","12.2.0","12.2.1","12.2.2","12.2.3","12.2.4","12.2.5","13.0.1","13.0.2","13.1.1","13.2.0","13.2.1","13.3.0","14.0.0","14.0.1","14.0.2","14.0.3","14.1.0","14.1.2","14.1.3","14.1.4","14.2.1","14.2.2"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-5744.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N"}]}