331 matches found

CVE
added 2020/01/20 5:21 a.m. | 95 views

CVE-2019-20381

TestLink

CVSS 6.1 | AI score 6.1 | EPSS 0.0095
Exploits 0 | References 3 | Affected Software 1

Cvelist
added 2020/01/20 5:21 a.m. | 16 views

CVE-2019-20381

TestLink before 1.9.20 allows XSS via non-lowercase javascript: in the index.php reqURI parameter. NOTE: this issue exists because of an incomplete fix for CVE-2019-19491...

AI score 6.2 | EPSS 0.0095
Exploits 0 | References 3

CNVD
added 2020/01/20 12:0 a.m. | 2 views

TestLink cross-site scripting vulnerability (CNVD-2020-03254)

TestLink is a set of open source software for managing the software testing process and providing statistical analysis. A cross-site scripting vulnerability exists in TestLink versions prior to 1.9.20. The vulnerability stems from a lack of proper validation of client-side data by the WEB...

CVSS 6.1 | AI score 6.3 | EPSS 0.0095
Exploits 0 | References 1

OSV
added 2019/12/02 2:15 a.m. | 2 views

CVE-2019-19491

TestLink 1.9.19 has XSS via the lib/testcases/archiveData.php edit parameter, the index.php reqURI parameter, or the URI in a lib/testcases/tcEdit.php?doAction=doDeleteStep request...

CVSS 6.1 | AI score 6.3 | EPSS 0.00791
Exploits 1 | References 1

NVD
added 2019/12/02 2:15 a.m. | 11 views

CVE-2019-19491

TestLink 1.9.19 has XSS via the lib/testcases/archiveData.php edit parameter, the index.php reqURI parameter, or the URI in a lib/testcases/tcEdit.php?doAction=doDeleteStep request...

CVSS 6.1 | AI score 6 | EPSS 0.00791
Exploits 1 | References 1

Prion
added 2019/12/02 2:15 a.m. | 16 views

Cross site request forgery (csrf)

TestLink 1.9.19 has XSS via the lib/testcases/archiveData.php edit parameter, the index.php reqURI parameter, or the URI in a lib/testcases/tcEdit.php?doAction=doDeleteStep request...

CVSS 4.3 | AI score 5.9 | EPSS 0.00791
Exploits 1 | References 1 | Affected Software 1

CVE
added 2019/12/02 1:13 a.m. | 49 views

CVE-2019-19491

CVE-2019-19491 affects TestLink before 1.9.20. It allows XSS through multiple inputs (lib/testcases/archiveData.php edit parameter, index.php reqURI, or lib/testcases/tcEdit.php?doAction=doDeleteStep). Red Hat notes an incomplete fix in related CVE-2019-19491 and lists 1.9.20 as the fixed version...

CVSS 6.1 | AI score 5.9 | EPSS 0.00791
Exploits 1 | References 1 | Affected Software 1

Cvelist
added 2019/12/02 1:13 a.m. | 22 views

CVE-2019-19491

TestLink 1.9.19 has XSS via the lib/testcases/archiveData.php edit parameter, the index.php reqURI parameter, or the URI in a lib/testcases/tcEdit.php?doAction=doDeleteStep request...

AI score 6 | EPSS 0.00791
Exploits 1 | References 1

CNVD
added 2019/12/02 12:0 a.m. | 2 views

TestLink Cross-Site Scripting Vulnerability

TestLink is a WEB-based test case management system. A cross-site scripting vulnerability exists in TestLink 1.9.19. The vulnerability can be exploited by an attacker via the lib/testcases/archiveData.php edit parameter, the index.php reqURI parameter, or the URI in the...

CVSS 6.1 | AI score 6.3 | EPSS 0.00791
Exploits 1 | References 1

exploitpack
added 2019/11/21 12:0 a.m. | 28 views

TestLink 1.9.19 - Persistent Cross-Site Scripting

TestLink 1.9.19 - Persistent Cross-Site Scripting Exploit Title: TestLink 1.9.19 - Persistent Cross-Site Scripting Date: 2019-11-20 Exploit Author: Milad Khoshdel Software Link: http://testlink.org/ Version: TestLink 1.9.19 Tested on: Linux Apache/2 PHP/7.3.11 ========= Vulnerable Pages: ========...

AI score 6.8
Exploits 0

Packet Storm
added 2019/11/21 12:0 a.m. | 601 views

TestLink 1.9.19 Cross Site Scripting

Exploit Title: TestLink 1.9.19 - Persistent Cross-Site Scripting Date: 2019-11-20 Exploit Author: Milad Khoshdel Software Link: http://testlink.org/ Version: TestLink 1.9.19 Tested on: Linux Apache/2 PHP/7.3.11 ========= Vulnerable Pages: ========= Persistent --...

AI score 7.4
Exploits 0

Exploit DB
added 2019/11/21 12:0 a.m. | 488 views

TestLink 1.9.19 - Persistent Cross-Site Scripting

Exploit Title: TestLink 1.9.19 - Persistent Cross-Site Scripting Date: 2019-11-20 Exploit Author: Milad Khoshdel Software Link: http://testlink.org/ Version: TestLink 1.9.19 Tested on: Linux Apache/2 PHP/7.3.11 ========= Vulnerable Pages: ========= Persistent --...

AI score 7
Exploits 0

Zero Day Initiative
added 2019/09/17 12:0 a.m. | 23 views

Jenkins testlink Cleartext Storage of Credentials Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of Jenkins testlink. Authentication is required to exploit this vulnerability. The specific flaw exists within the testlink plugin. The issue results from storing credentials in plaintext. An...

CVSS 3.3 | AI score 1.2 | EPSS 0.00502
Exploits 0 | References 1

CNVD
added 2019/08/16 12:0 a.m. | 2 views

CloudBees Jenkins TestLink Plugin Information Disclosure Vulnerability

CloudBees Jenkins (Hudson Labs) is a set of Java-based continuous integration tools from the United States company CloudBees. The product is mainly used to monitor continuous software release/testing projects and the execution of scheduled tasks. An information disclosure...

CVSS 5.3 | AI score 6.3 | EPSS 0.00502
Exploits 0 | References 1

OSV
added 2019/08/07 3:15 p.m. | 11 views

CVE-2019-10378

Jenkins TestLink Plugin 3.16 and earlier stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system...

CVSS 5.3 | AI score 6.6
Exploits 0 | References 3

NVD
added 2019/08/07 3:15 p.m. | 16 views

CVE-2019-10378

Jenkins TestLink Plugin 3.16 and earlier stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system...

CVSS 5.3 | AI score 5.2 | EPSS 0.00502
Exploits 0 | References 3

Prion
added 2019/08/07 3:15 p.m. | 15 views

Design/Logic Flaw

Jenkins TestLink Plugin 3.16 and earlier stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system...

CVSS 2.1 | AI score 5.2 | EPSS 0.00502
Exploits 0 | References 3 | Affected Software 1

CVE
added 2019/08/07 2:20 p.m. | 56 views

CVE-2019-10378

CVE-2019-10378 affects the Jenkins TestLink Plugin (versions ≤ 3.16). The vulnerability arises from credentials being stored unencrypted in the plugin’s global configuration file on the Jenkins master filesystem, enabling anyone with master FS access to view them. The CVSS v3.1 score is 5.3 ( MED...

CVSS 5.3 | AI score 5.1 | EPSS 0.00502
Exploits 0 | References 3 | Affected Software 1

Cvelist
added 2019/08/07 2:20 p.m. | 29 views

CVE-2019-10378

Jenkins TestLink Plugin 3.16 and earlier stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system...

AI score 5.2 | EPSS 0.00502
Exploits 0 | References 3

AlpineLinux
added 2019/08/07 2:20 p.m. | 27 views

CVE-2019-10378

Jenkins TestLink Plugin 3.16 and earlier stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system...

CVSS 5.3 | AI score 3.6 | EPSS 0.00502
Exploits 0 | References 3