CVE-2015-7391

Multiple cross-site scripting XSS vulnerabilities in TestLink before 1.9.14 allow remote attackers to inject arbitrary web script or HTML via the 1 selectedenddate or 2 selectedstartdate parameter to lib/results/tcCreatedPerUserOnTestProject.php; the 3 containerType parameter to...

CVE-2015-7390

SQL injection vulnerability in TestLink before 1.9.14 allows remote attackers to execute arbitrary SQL commands via the apikey parameter to lnl.php...

CVE-2015-7391

TestLink prior to 1.9.14 is affected by multiple XSS vulnerabilities that allow an attacker to inject arbitrary script/HTML via various inputs (selected_end_date, selected_start_date, containerType, filter_tc_id, filter_testcase_name, useRecursion, targetTestCase, created_by) and the Referer head...

CVE-2015-7390

CVE-2015-7390 is supported by multiple connected sources detailing a SQL injection in TestLink prior to 1.9.14. The vulnerability allows remote attackers to inject arbitrary SQL via the apikey parameter to lnl.php, potentially compromising the database. Affected version range is before 1.9.14; th...

CVE-2015-7390

SQL injection vulnerability in TestLink before 1.9.14 allows remote attackers to execute arbitrary SQL commands via the apikey parameter to lnl.php...

CVE-2015-7391

Multiple cross-site scripting XSS vulnerabilities in TestLink before 1.9.14 allow remote attackers to inject arbitrary web script or HTML via the 1 selectedenddate or 2 selectedstartdate parameter to lib/results/tcCreatedPerUserOnTestProject.php; the 3 containerType parameter to...

TestLink 1.9.14 SQL Injection

Advisory ID: HTB23288 Product: TestLink Vendor: TestLink Development Team Vulnerable Versions: 1.9.14 and probably prior Tested Version: 1.9.14 Advisory Publication: January 7, 2016 without technical details Vendor Notification: January 7, 2016 Vendor Patch: January 9, 2016 Public Disclosure:...

TestLink SQL Injection Vulnerability (CNVD-2016-01142)

Testlink is a PHP-based open source test management tools . A SQL injection vulnerability exists in TestLink. The vulnerability is caused by the "apikey" HTTP GET parameter failing to filter via the "lnl.php" PHP script. An unauthenticated remote attacker can inject and execute arbitrary SQL...

SQL Injection in TestLink

High-Tech Bridge Security Research Lab discovered high-risk SQL injection vulnerability in TestLink Open Source Test Management. The vulnerability can be exploited to alter the present SQL query and gain access to potentially sensitive information or even to completely compromise the vulnerable w...

TestLink跨站请求伪造漏洞

No description provided by source...

TestLink HTML注入漏洞

No description provided by source...

TestLink Cross-Site Request Forgery Vulnerability

Testlink is TestLink team developed a PHP-based open source test management tool . The tool provides test requirements management , test case management and test data statistics and other functions . TestLink version 1.9.14 cross-site request forgery vulnerability exists. Remote attackers can...

TestLink HTML Injection Vulnerability

Testlink is TestLink team developed a PHP-based open source test management tool . The tool provides test requirements management , test case management and test data statistics and other functions . TestLink 1.9.14 version of the existence of HTML injection vulnerability. A remote attacker can...

TestLink 1.9.14 Multiple XSS Vulnerabilities

Exploit for hardware platform in category web applications Information ================================= Name: CSRF Vulnerability in TestLink 1.9.14 Affected Software: TestLink Affected Versions: 1.9.14 and possibly below Vendor Homepage: http://testlink.org/ Severity: High Status: Fixed...

TestLink 1.9.14 Cross Site Scripting

Information ================================= Name: Persistent XSS Vulnerability in TestLink 1.9.14 Affected Software: TestLink Affected Versions: 1.9.14 and possibly below Vendor Homepage: http://testlink.org/ Severity: High Status: Fixed Vulnerability Type: =================================...

TestLink 1.9.14 Cross Site Request Forgery

Information ================================= Name: CSRF Vulnerability in TestLink 1.9.14 Affected Software: TestLink Affected Versions: 1.9.14 and possibly below Vendor Homepage: http://testlink.org/ Severity: High Status: Fixed Vulnerability Type: ================================= Cross Site...

TestLink 1.9.14 - Cross-Site Request Forgery

TestLink 1.9.14 - Cross-Site Request Forgery Information ================================= Name: CSRF Vulnerability in TestLink 1.9.14 Affected Software: TestLink Affected Versions: 1.9.14 and possibly below Vendor Homepage: http://testlink.org/ Severity: High Status: Fixed Vulnerability Type:...

TestLink 1.9.14 - Cross-Site Request Forgery

Information ================================= Name: CSRF Vulnerability in TestLink 1.9.14 Affected Software: TestLink Affected Versions: 1.9.14 and possibly below Vendor Homepage: http://testlink.org/ Severity: High Status: Fixed Vulnerability Type: ================================= Cross Site...

TestLink Security Advisory - Multiple XSS Vulnerabilities - CVE-2015-7391

Information -------------------- Advisory by Netsparker. Name: Multiple XSS Vulnerabilities in TestLink 1.9.13 Affected Software : TestLink Affected Versions: 1.9.1.3 and possibly below Vendor Homepage : http://testlink.org/ Vulnerability Type : Cross-site Scripting Severity : Important Status :...

TestLink Security Advisory - SQL Injection Vulnerability - CVE-2015-7390

Information -------------------- Advisory by Netsparker. Name: SQL Injection Vulnerability in TestLink 1.9.13 Affected Software : TestLink Affected Versions: 1.9.1.3 and possibly below Vendor Homepage : http://testlink.org/ Vulnerability Type : SQL Injection Severity : Critical Status : Fixed...