Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
testlink testlink vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2012-2275
Multiple cross-site request forgery (CSRF) vulnerabilities in TestLink 1.9.3 and previous versions allow remote malicious users to hijack the authentication of users for requests that add, delete, or modify sensitive information, as demonstrated by changing the administrator'...
Teamst Testlink 1.8
Teamst Testlink 1.7.4
Teamst Testlink 1.8.1
Teamst Testlink 1.7.3
Teamst Testlink 1.8.0
Teamst Testlink 1.8.2
Teamst Testlink 1.8.4
Teamst Testlink
Teamst Testlink 1.7.2
Teamst Testlink 1.8.3
Teamst Testlink 1.7.0
Teamst Testlink 1.7.1
Teamst Testlink 1.7
1 EDB exploit
6.5
CVSSv2
CVE-2009-4238
Multiple SQL injection vulnerabilities in TestLink prior to 1.8.5 allow remote authenticated users to execute arbitrary SQL commands via (1) the Test Case ID field to lib/general/navBar.php or (2) the logLevel parameter to lib/events/eventviewer.php.
Teamst Testlink 1.7
Teamst Testlink 1.7.1
Teamst Testlink 1.8.0
Teamst Testlink 1.8
Teamst Testlink 1.7.3
Teamst Testlink 1.7.2
Teamst Testlink 1.8.3
Teamst Testlink 1.8.2
Teamst Testlink 1.8.4
Teamst Testlink 1.8.1
Teamst Testlink 1.7.4
1 EDB exploit
6.5
CVSSv2
CVE-2012-0938
Multiple SQL injection vulnerabilities in TestLink 1.9.3, 1.8.5b, and previous versions allow remote authenticated users with certain permissions to execute arbitrary SQL commands via the root_node parameter in the display_children function to (1) getrequirementnodes.php or (2) g...
Testlink Testlink 1.9.3
Testlink Testlink 1.8.5b
6.5
CVSSv2
CVE-2012-0939
Multiple SQL injection vulnerabilities in TestLink 1.8.5b and previous versions allow remote authenticated users with the Requirement view permission to execute arbitrary SQL commands via the req_spec_id parameter to (1) reqSpecAnalyse.php, (2) reqSpecPrint.php, or (3) reqSpecVie...
Testlink Testlink 1.9.3
Testlink Testlink 1.8.5b
3.5
CVSSv2
CVE-2009-4237
Multiple cross-site scripting (XSS) vulnerabilities in TestLink prior to 1.8.5 allow remote malicious users to inject arbitrary web script or HTML via (1) the req parameter to login.php, and allow remote authenticated users to inject arbitrary web script or HTML via (2) the key p...
Teamst Testlink 1.7
Teamst Testlink 1.7.1
Teamst Testlink 1.8.0
Teamst Testlink 1.8.3
Teamst Testlink
Teamst Testlink 1.8
Teamst Testlink 1.8.2
Teamst Testlink 1.8.1
Teamst Testlink 1.7.4
1 EDB exploit
4.3
CVSSv2
CVE-2008-5807
Multiple cross-site scripting (XSS) vulnerabilities in TestLink prior to 1.8 RC1 allow remote malicious users to inject arbitrary web script or HTML via (1) Testproject Names and (2) Testplan Names in planEdit.php, and possibly (3) Testcaseprefixes in projectview.tpl.
Teamst Testlink 1.8
Teamst Testlink 1.7.4
Teamst Testlink 1.7.1
Teamst Testlink 1.7.3
Teamst Testlink 1.7.2
Teamst Testlink
6.5
CVSSv2
CVE-2019-20107
Multiple SQL injection vulnerabilities in TestLink up to and including 1.9.19 allows remote authenticated users to execute arbitrary SQL commands via the (1) tproject_id parameter to keywordsView.php; the (2) req_spec_id parameter to reqSpecCompareRevisions.php; the (3) requireme...
Testlink Testlink
5
CVSSv2
CVE-2014-8082
lib/functions/database.class.php in TestLink prior to 1.9.13 allows remote malicious users to obtain sensitive information via unspecified vectors, which reveals the installation path in an error message.
Testlink Testlink
10
CVSSv2
CVE-2007-6006
TestLink prior to 1.7.1 does not enforce an unspecified authorization mechanism, which has unknown impact and attack vectors.
Testlink Testlink
5
CVSSv2
CVE-2018-7668
TestLink up to and including 1.9.16 allows remote malicious users to read arbitrary attachments via a modified ID field to /lib/attachments/attachmentdownload.php.
Testlink Testlink
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »