Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
testlink testlink vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2012-2275
Multiple cross-site request forgery (CSRF) vulnerabilities in TestLink 1.9.3 and previous versions allow remote malicious users to hijack the authentication of users for requests that add, delete, or modify sensitive information, as demonstrated by changing the administrator'...
Teamst Testlink 1.8
Teamst Testlink 1.7.4
Teamst Testlink 1.8.1
Teamst Testlink 1.7.3
Teamst Testlink 1.8.0
Teamst Testlink 1.8.2
Teamst Testlink 1.8.4
Teamst Testlink
Teamst Testlink 1.7.2
Teamst Testlink 1.8.3
Teamst Testlink 1.7.0
Teamst Testlink 1.7.1
Teamst Testlink 1.7
1 EDB exploit
NA
CVE-2009-4238
Multiple SQL injection vulnerabilities in TestLink prior to 1.8.5 allow remote authenticated users to execute arbitrary SQL commands via (1) the Test Case ID field to lib/general/navBar.php or (2) the logLevel parameter to lib/events/eventviewer.php.
Teamst Testlink 1.7
Teamst Testlink 1.7.1
Teamst Testlink 1.8.0
Teamst Testlink 1.8
Teamst Testlink 1.7.3
Teamst Testlink 1.7.2
Teamst Testlink 1.8.3
Teamst Testlink 1.8.2
Teamst Testlink 1.8.4
Teamst Testlink 1.8.1
Teamst Testlink 1.7.4
1 EDB exploit
NA
CVE-2012-0939
Multiple SQL injection vulnerabilities in TestLink 1.8.5b and previous versions allow remote authenticated users with the Requirement view permission to execute arbitrary SQL commands via the req_spec_id parameter to (1) reqSpecAnalyse.php, (2) reqSpecPrint.php, or (3) reqSpecVie...
Testlink Testlink 1.9.3
Testlink Testlink 1.8.5b
NA
CVE-2012-0938
Multiple SQL injection vulnerabilities in TestLink 1.9.3, 1.8.5b, and previous versions allow remote authenticated users with certain permissions to execute arbitrary SQL commands via the root_node parameter in the display_children function to (1) getrequirementnodes.php or (2) g...
Testlink Testlink 1.9.3
Testlink Testlink 1.8.5b
NA
CVE-2009-4237
Multiple cross-site scripting (XSS) vulnerabilities in TestLink prior to 1.8.5 allow remote malicious users to inject arbitrary web script or HTML via (1) the req parameter to login.php, and allow remote authenticated users to inject arbitrary web script or HTML via (2) the key p...
Teamst Testlink 1.7
Teamst Testlink 1.7.1
Teamst Testlink 1.8.0
Teamst Testlink 1.8.3
Teamst Testlink
Teamst Testlink 1.8
Teamst Testlink 1.8.2
Teamst Testlink 1.8.1
Teamst Testlink 1.7.4
1 EDB exploit
NA
CVE-2008-5807
Multiple cross-site scripting (XSS) vulnerabilities in TestLink prior to 1.8 RC1 allow remote malicious users to inject arbitrary web script or HTML via (1) Testproject Names and (2) Testplan Names in planEdit.php, and possibly (3) Testcaseprefixes in projectview.tpl.
Teamst Testlink 1.8
Teamst Testlink 1.7.4
Teamst Testlink 1.7.1
Teamst Testlink 1.7.3
Teamst Testlink 1.7.2
Teamst Testlink
8.8
CVSSv3
CVE-2019-20107
Multiple SQL injection vulnerabilities in TestLink up to and including 1.9.19 allows remote authenticated users to execute arbitrary SQL commands via the (1) tproject_id parameter to keywordsView.php; the (2) req_spec_id parameter to reqSpecCompareRevisions.php; the (3) requireme...
Testlink Testlink
NA
CVE-2007-6006
TestLink prior to 1.7.1 does not enforce an unspecified authorization mechanism, which has unknown impact and attack vectors.
Testlink Testlink
6.1
CVSSv3
CVE-2019-20381
TestLink prior to 1.9.20 allows XSS via non-lowercase javascript: in the index.php reqURI parameter. NOTE: this issue exists because of an incomplete fix for CVE-2019-19491.
Testlink Testlink
NA
CVE-2014-8082
lib/functions/database.class.php in TestLink prior to 1.9.13 allows remote malicious users to obtain sensitive information via unspecified vectors, which reveals the installation path in an error message.
Testlink Testlink
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3201
CVE-2024-4779
CVE-2024-35090
CVE-2024-5084
hard-coded
CVE-2024-4985
HTML injection
CVE-2024-33655
local file inclusion
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »