331 matches found
PT-2019-11774 · Jenkins · Jenkins Testlink Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins TestLink Plugin versions 3.16 and earlier Description: The issue concerns the storage of credentials in an unencrypted manner within the global configuration file on the Jenkins master or controller. Specifically, the credentials are...
CVE-2019-14471
TestLink 1.9.19 has XSS via the error.php message parameter...
CVE-2019-14471
TestLink 1.9.19 has XSS via the error.php message parameter...
Code injection
TestLink 1.9.19 has XSS via the error.php message parameter...
CVE-2019-14471
CVE-2019-14471 affects TestLink 1.9.19 and is a cross-site scripting (XSS) vulnerability via the error.php message parameter. Public data in the connected documents confirms the affected software/version and the root cause as improper handling of the error message leading to script injection. CVS...
CVE-2019-14471
TestLink 1.9.19 has XSS via the error.php message parameter...
TestLink 1.9.19 Server-Side Request Forgery
Exploit Title : TestLink version = 1.9.19 Server Side Request Forgery Author : Manish Kishan Tanwar AKA error1046 Vendor Link : http://testlink.org Love to : zero cool,Team indishell,Mannu,Viki,Hardeep Singh,Incredible,Kishan Singh and ritu rathi Discovered At : Indishell Lab...
TestLink Open Source Test Management Code Execution
Title: TestLink Open Source Test Management comment out skip-networking as well as bind-address if any present in my.cnf i.e chang...
TestLink Open Source Test Management < 1.9.16 - Remote Code Execution Exploit
Exploit for linux platform in category remote exploits Title: TestLink Open Source Test Management comment out skip-networking as well as bind-add...
TestLink Open Source Test Management < 1.9.16 - Remote Code Execution (PoC)
TestLink Open Source Test Management 1.9.16 - Remote Code Execution PoC. CVE-2018-7466. Remote exploit for Linux platform Title: TestLink Open Source Test Management= 1.9.16 Remote Code Execution By Manish error1046 Vendor Home Page: http://testlink.org Discovered At: Indishell Lab CVE ID:...
TestLink Open Source Test Management 1.9.16 - Remote Code Execution (PoC)
TestLink Open Source Test Management 1.9.16 - Remote Code Execution PoC Title: TestLink Open Source Test Management comment out skip-networking as well as bind-address if any presen...
Jenkins TestLink Plugin Cross-Site Scripting Vulnerability
Jenkins is an open source continuous integration tool developed in Java. A cross-site scripting vulnerability exists in TestLinkBuildAction/summary.jelly and other scripts in Jenkins TestLink Plugin 2.12 and earlier versions, which stems from a program that mak...
CVE-2018-1000113
A cross-site scripting vulnerability exists in Jenkins TestLink Plugin 2.12 and earlier in TestLinkBuildAction/summary.jelly and others that allow an attacker who can control e.g. TestLink report names to have Jenkins serve arbitrary HTML and JavaScript...
Cross site scripting
A cross-site scripting vulnerability exists in Jenkins TestLink Plugin 2.12 and earlier in TestLinkBuildAction/summary.jelly and others that allow an attacker who can control e.g. TestLink report names to have Jenkins serve arbitrary HTML and JavaScript...
CVE-2018-1000113
A cross-site scripting vulnerability exists in Jenkins TestLink Plugin 2.12 and earlier in TestLinkBuildAction/summary.jelly and others that allow an attacker who can control e.g. TestLink report names to have Jenkins serve arbitrary HTML and JavaScript...
CVE-2018-1000113
A cross-site scripting vulnerability exists in Jenkins TestLink Plugin 2.12 and earlier in TestLinkBuildAction/summary.jelly and others that allow an attacker who can control e.g. TestLink report names to have Jenkins serve arbitrary HTML and JavaScript...
CVE-2018-1000113
The CVE-2018-1000113 entry describes a cross-site scripting vulnerability in Jenkins TestLink Plugin (versions up to 2.12) affecting TestLinkBuildAction/summary.jelly and related components. The root cause is improper handling of user-controlled report names, enabling an attacker to cause Jenkins...
CVE-2018-1000113
A cross-site scripting vulnerability exists in Jenkins TestLink Plugin 2.12 and earlier in TestLinkBuildAction/summary.jelly and others that allow an attacker who can control e.g. TestLink report names to have Jenkins serve arbitrary HTML and JavaScript...
TestLink <= 1.9.16 Information Disclosure Vulnerability
TestLink is prone to an information disclosure vulnerability. Copyright (C) 2018 Greenbone Networks GmbH. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
CVE-2018-7668
TestLink through 1.9.16 allows remote attackers to read arbitrary attachments via a modified ID field to /lib/attachments/attachmentdownload.php...