TestLink v1.9.20 exists to contain a SQL injection vulnerability via /lib/execute/execNavigator.php.
testlink testlink 1.9.20