14 matches found
CVE-2025-63747
QaTraq 6.9.2 ships with administrative account credentials which are enabled in default installations and permit immediate login via the web application login page. Because the account provides administrative privileges in the default configuration, an attacker who can reach the login page can ga...
CVE-2025-63747
QaTraq 6.9.2 ships with administrative account credentials which are enabled in default installations and permit immediate login via the web application login page. Because the account provides administrative privileges in the default configuration, an attacker who can reach the login page can ga...
CVE-2025-63748
QaTraq 6.9.2 allows authenticated users to upload arbitrary files via the "Add Attachment" feature in the "Test Script" module. The application fails to restrict file types, enabling the upload of executable PHP files. Once uploaded, the file can be accessed through the "View Attachment" option,...
CVE-2025-63747
QaTraq 6.9.2 ships with administrative account credentials which are enabled in default installations and permit immediate login via the web application login page. Because the account provides administrative privileges in the default configuration, an attacker who can reach the login page can ga...
CVE-2025-63748
QaTraq 6.9.2 allows authenticated users to upload arbitrary files via the "Add Attachment" feature in the "Test Script" module. The application fails to restrict file types, enabling the upload of executable PHP files. Once uploaded, the file can be accessed through the "View Attachment" option,...
SourceForge QaTraq security vulnerability
SourceForge QaTraq is an open source test management tool from SourceForge. A security vulnerability exists in SourceForge QaTraq version 6.9.2, which stems from an insufficient file type restriction that could lead to the upload and execution of arbitrary PHP files...
SourceForge QaTraq security vulnerability
SourceForge QaTraq is an open source test management tool from SourceForge. A security vulnerability exists in SourceForge QaTraq version 6.9.2 that stems from enabling administrative account credentials by default, which could result in gaining administrative privileges...
CVE-2025-63747
CVE-2025-63747 affects QaTraq 6.9.2. The issue arises from default-enabled administrative credentials, allowing immediate login through the web app login page and granting administrative access if reachable. The vulnerability is present in the default configuration, so an attacker who can access ...
CVE-2025-63747
QaTraq 6.9.2 ships with administrative account credentials which are enabled in default installations and permit immediate login via the web application login page. Because the account provides administrative privileges in the default configuration, an attacker who can reach the login page can ga...
CVE-2025-63747
QaTraq 6.9.2 ships with administrative account credentials which are enabled in default installations and permit immediate login via the web application login page. Because the account provides administrative privileges in the default configuration, an attacker who can reach the login page can ga...
CVE-2025-63748
QaTraq 6.9.2 allows authenticated users to upload arbitrary files via the "Add Attachment" feature in the "Test Script" module. The application fails to restrict file types, enabling the upload of executable PHP files. Once uploaded, the file can be accessed through the "View Attachment" option,...
PT-2025-47157
Name of the Vulnerable Software and Affected Versions: QaTraq version 6.9.2. Description: The software ships with default administrative account credentials enabled, allowing immediate login via the web application login page. An attacker reaching the login page can gain administrative access due to...
EUVD-2006-3309
Malware in sbrugna...
TUVSA-0606-001.txt
QaTraq 6.5 RC: Multiple XSS Vulnerabilities. Technical University of Vienna Security Advisory TUVSA-0606-001, June 23, 2006...