
331 matches found

Cvelist
added 2020/04/03 6:36 p.m. | 9 views

CVE-2020-8638

A SQL injection vulnerability in TestLink 1.9.20 allows attackers to execute arbitrary SQL commands in planUrgency.php via the urgency parameter...

AI score 10 | EPSS 0.01698
Exploits: 1 | References: 2
CVE
added 2020/04/03 6:36 p.m. | 109 views

CVE-2020-8637

SQL injection vulnerability in TestLink 1.9.20 allows execution of arbitrary SQL commands through the node_id parameter in dragdroptreenodes.php. Affected software: TestLink 1.9.20. Root cause: unsafely handled node_id parameter enabling SQL injection. Impact (per sources): high risk with potenti...

CVSS 9.8 | AI score 9.9 | EPSS 0.02935
Exploits: 1 | References: 2 | Affected Software: 1
Cvelist
added 2020/04/03 6:36 p.m. | 13 views

CVE-2020-8637

A SQL injection vulnerability in TestLink 1.9.20 allows attackers to execute arbitrary SQL commands in dragdroptreenodes.php via the nodeid parameter...

AI score 10 | EPSS 0.02935
Exploits: 1 | References: 2
EUVD
added 2020/04/03 6:36 p.m. | 3 views

EUVD-2020-29485

A SQL injection vulnerability in TestLink 1.9.20 allows attackers to execute arbitrary SQL commands in dragdroptreenodes.php via the nodeid parameter...

CVSS 9.8 | AI score 10 | EPSS 0.02935
Exploits: 1 | References: 2
CNVD
added 2020/03/08 12:0 a.m. | 2 views

TestLink SQL Injection Vulnerability (CNVD-2020-16091)

TestLink is a set of open source software for managing the software testing process and providing statistical analysis. A SQL injection vulnerability exists in TestLink 1.9.19 and earlier versions. The vulnerability stems from a lack of validation of externally entered SQL statements in...

CVSS 8.8 | AI score 8.1 | EPSS 0.01964
Exploits: 0 | References: 1
NVD
added 2020/03/05 1:15 p.m. | 12 views

CVE-2019-20107

Multiple SQL injection vulnerabilities in TestLink through 1.9.19 allows remote authenticated users to execute arbitrary SQL commands via the (1) tprojectid parameter to keywordsView.php; the (2) reqspecid parameter to reqSpecCompareRevisions.php; the (3) requirementid parameter to...

CVSS 8.8 | AI score 9.1 | EPSS 0.01964
Exploits: 0 | References: 9
OSV
added 2020/03/05 1:15 p.m. | 15 views

CVE-2019-20107

Multiple SQL injection vulnerabilities in TestLink through 1.9.19 allows remote authenticated users to execute arbitrary SQL commands via the (1) tprojectid parameter to keywordsView.php; the (2) reqspecid parameter to reqSpecCompareRevisions.php; the (3) requirementid parameter to...

CVSS 8.8 | AI score 8.4
Exploits: 0 | References: 9
Prion
added 2020/03/05 1:15 p.m. | 7 views

Sql injection

Multiple SQL injection vulnerabilities in TestLink through 1.9.19 allows remote authenticated users to execute arbitrary SQL commands via the (1) tprojectid parameter to keywordsView.php; the (2) reqspecid parameter to reqSpecCompareRevisions.php; the (3) requirementid parameter to...

CVSS 6.5 | AI score 9.1 | EPSS 0.01964
Exploits: 0 | References: 9 | Affected Software: 1
CVE
added 2020/03/05 12:50 p.m. | 43 views

CVE-2019-20107

CVE-2019-20107 covers multiple SQL injection vulnerabilities in TestLink up to version 1.9.19. The flaws allow remote authenticated users to execute arbitrary SQL via input parameters in several PHP scripts (keywordsView.php, reqSpecCompareRevisions.php, reqCompareVersions.php, planUpdateTC.php, ...

CVSS 8.8 | AI score 9.1 | EPSS 0.01964
Exploits: 0 | References: 9 | Affected Software: 1
Cvelist
added 2020/03/05 12:50 p.m. | 11 views

CVE-2019-20107

Multiple SQL injection vulnerabilities in TestLink through 1.9.19 allows remote authenticated users to execute arbitrary SQL commands via the (1) tprojectid parameter to keywordsView.php; the (2) reqspecid parameter to reqSpecCompareRevisions.php; the (3) requirementid parameter to...

AI score 9.2 | EPSS 0.01964
Exploits: 0 | References: 9
OpenVAS
added 2020/02/21 12:0 a.m. | 76 views

TestLink < 1.9.20 Multiple SQLi Vulnerabilities

TestLink is prone to multiple SQL injection (SQLi) vulnerabilities. Copyright (C) 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...

AI score 9.3
Exploits: 0 | References: 2
CNVD
added 2020/02/11 12:0 a.m. | 2 views

TestLink SQL Injection Vulnerability

TestLink is a set of open source software for managing the software testing process and providing statistical analysis. A SQL injection vulnerability exists in TestLink version 1.9.19. The vulnerability stems from a lack of validation of externally entered SQL statements in database-based...

CVSS 8.8 | AI score 8.2 | EPSS 0.01426
Exploits: 1 | References: 1
NVD
added 2020/02/10 9:56 p.m. | 8 views

CVE-2020-8841

An issue was discovered in TestLink 1.9.19. The relationtype parameter of the lib/requirements/reqSearch.php endpoint is vulnerable to authenticated SQL Injection...

CVSS 8.8 | AI score 8.8 | EPSS 0.01426
Exploits: 1 | References: 2
OSV
added 2020/02/10 9:56 p.m. | 12 views

CVE-2020-8841

An issue was discovered in TestLink 1.9.19. The relationtype parameter of the lib/requirements/reqSearch.php endpoint is vulnerable to authenticated SQL Injection...

CVSS 8.8 | AI score 7.2
Exploits: 0 | References: 2
Prion
added 2020/02/10 9:56 p.m. | 9 views

Sql injection

An issue was discovered in TestLink 1.9.19. The relationtype parameter of the lib/requirements/reqSearch.php endpoint is vulnerable to authenticated SQL Injection...

CVSS 6.5 | AI score 8.7 | EPSS 0.01426
Exploits: 1 | References: 2 | Affected Software: 1
CVE
added 2020/02/10 8:24 p.m. | 67 views

CVE-2020-8841

CVE-2020-8841 affects TestLink 1.9.19. The issue is an authenticated SQL Injection in the relation_type parameter of the lib/requirements/reqSearch.php endpoint. This vulnerability arises from improper handling/validation of external input, enabling an attacker with authenticated access to inject...

CVSS 8.8 | AI score 8.7 | EPSS 0.01426
Exploits: 1 | References: 2 | Affected Software: 1
Cvelist
added 2020/02/10 8:24 p.m. | 12 views

CVE-2020-8841

An issue was discovered in TestLink 1.9.19. The relationtype parameter of the lib/requirements/reqSearch.php endpoint is vulnerable to authenticated SQL Injection...

AI score 8.8 | EPSS 0.01426
Exploits: 1 | References: 2
NVD
added 2020/01/20 6:15 a.m. | 10 views

CVE-2019-20381

TestLink before 1.9.20 allows XSS via non-lowercase javascript: in the index.php reqURI parameter. NOTE: this issue exists because of an incomplete fix for CVE-2019-19491...

CVSS 6.1 | AI score 6.2 | EPSS 0.0095
Exploits: 0 | References: 3
OSV
added 2020/01/20 6:15 a.m. | 10 views

CVE-2019-20381

TestLink before 1.9.20 allows XSS via non-lowercase javascript: in the index.php reqURI parameter. NOTE: this issue exists because of an incomplete fix for CVE-2019-19491...

CVSS 6.1 | AI score 6
Exploits: 0 | References: 3
Prion
added 2020/01/20 6:15 a.m. | 11 views

Cross site scripting

TestLink before 1.9.20 allows XSS via non-lowercase javascript: in the index.php reqURI parameter. NOTE: this issue exists because of an incomplete fix for CVE-2019-19491...

CVSS 4.3 | AI score 6.1 | EPSS 0.0095
Exploits: 1 | References: 3 | Affected Software: 1