Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2009-4238
HistoryDec 10, 2009 - 11:30 p.m.

CVE-2009-4238

2009-12-1023:30:00
CWE-89
[email protected]
web.nvd.nist.gov

6.5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

8 High

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

55.1%

JSON

Multiple SQL injection vulnerabilities in TestLink before 1.8.5 allow remote authenticated users to execute arbitrary SQL commands via (1) the Test Case ID field to lib/general/navBar.php or (2) the logLevel parameter to lib/events/eventviewer.php.

Affected configurations

NVD
Node
teamsttestlinkMatch1.7
OR
teamsttestlinkMatch1.7.1
OR
teamsttestlinkMatch1.7.2
OR
teamsttestlinkMatch1.7.3
OR
teamsttestlinkMatch1.7.4
OR
teamsttestlinkMatch1.8
OR
teamsttestlinkMatch1.8beta1
OR
teamsttestlinkMatch1.8beta2
OR
teamsttestlinkMatch1.8beta3
OR
teamsttestlinkMatch1.8rc1
OR
teamsttestlinkMatch1.8.0
OR
teamsttestlinkMatch1.8.1
OR
teamsttestlinkMatch1.8.2
OR
teamsttestlinkMatch1.8.3
OR
teamsttestlinkMatch1.8.4

Related

prion 1
cve 1
cvelist 1
coresecurity 1
seebug 2
securityvulns 2
packetstorm 1
exploitpack 1
openvas 1
exploitdb 1
prion
prion
Sql injection
2009-12-10 23:30:00
cve
cve
CVE-2009-4238
2009-12-10 23:30:00
cvelist
cvelist
CVE-2009-4238
2009-12-10 23:00:00
coresecurity
coresecurity
Multiple XSS and Injection Vulnerabilities in TestLink Test Management and Execution System
2009-12-09 00:00:00
seebug
seebug
Multiple XSS and Injection Vulnerabilities in TestLink Test Management and Execution System
2009-12-09 00:00:00
TestLink Test Management and Execution System - Multiple XSS and Injection Vulnerabilities
2014-07-01 00:00:00
securityvulns
securityvulns
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
2009-12-15 00:00:00
CORE-2009-1013: Multiple XSS and Injection Vulnerabilities in TestLink Test Management and Execution System
2009-12-15 00:00:00
packetstorm
packetstorm
Core Security Technologies Advisory 2009.1013
2009-12-10 00:00:00
exploitpack
exploitpack
TestLink Test Management and Execution System - Multiple Cross-Site Scripting Injection Vulnerabilities
2009-12-09 00:00:00
openvas
openvas
TestLink < 1.8.5 Multiple Vulnerabilities
2009-12-10 00:00:00
exploitdb
exploitdb
TestLink Test Management and Execution System - Multiple Cross-Site Scripting / Injection Vulnerabilities
2009-12-09 00:00:00

6.5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

8 High

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

55.1%

JSON
Related for NVD:CVE-2009-4238
prion1cve1cvelist1coresecurity1seebug2securityvulns2packetstorm1exploitpack1openvas1exploitdb1