6 matches found
EUVD-2012-0962
Malware in sbrugna...
CVE-2012-0939
Multiple SQL injection vulnerabilities in TestLink 1.8.5b and earlier allow remote authenticated users with the Requirement view permission to execute arbitrary SQL commands via the reqspecid parameter to 1 reqSpecAnalyse.php, 2 reqSpecPrint.php, or 3 reqSpecView.php in requirements/. NOTE: some ...
CVE-2012-0938
Multiple SQL injection vulnerabilities in TestLink 1.9.3, 1.8.5b, and earlier allow remote authenticated users with certain permissions to execute arbitrary SQL commands via the rootnode parameter in the displaychildren function to 1 getrequirementnodes.php or 2 gettprojectnodes.php in lib/ajax/;...
Sql injection
Multiple SQL injection vulnerabilities in TestLink 1.8.5b and earlier allow remote authenticated users with the Requirement view permission to execute arbitrary SQL commands via the reqspecid parameter to 1 reqSpecAnalyse.php, 2 reqSpecPrint.php, or 3 reqSpecView.php in requirements/. NOTE: some ...
CVE-2012-0939
Multiple SQL injection vulnerabilities in TestLink 1.8.5b and earlier allow remote authenticated users with the Requirement view permission to execute arbitrary SQL commands via the reqspecid parameter to 1 reqSpecAnalyse.php, 2 reqSpecPrint.php, or 3 reqSpecView.php in requirements/. NOTE: some ...
CVE-2012-0939
CVE-2012-0939 affects TestLink up to v1.8.5b; the vulnerability is an SQL injection in the requirements module. Specifically, unauthenticated? No: remote authenticated users with the Requirement view permission can exploit the flaw via req_spec_id in reqSpecAnalyse.php, reqSpecPrint.php, or reqSp...