331 matches found
Multiple XSS and Injection Vulnerabilities in TestLink Test Management and Execution System
Advisory ID Internal CORE-2009-1013 1. Advisory Information Advisory Id: CORE-2009-1013 Advisory URL:http://www.coresecurity.com/content/testlink-multiple-injection-vulnerabilities Date published: 2009-12-09 Date of last update: 2009-12-09 Vendors contacted: TestLink Community Release mode:...
TestLink Test Management and Execution System - Multiple Cross-Site Scripting / Injection Vulnerabilities
Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ Multiple XSS and Injection Vulnerabilities in TestLink Test Management and Execution System 1. Advisory Information Title: Multiple XSS and Injection Vulnerabilities in TestLink Test Management and Execution Syst...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in TestLink before 1.8 RC1 allow remote attackers to inject arbitrary web script or HTML via 1 Testproject Names and 2 Testplan Names in planEdit.php, and possibly 3 Testcaseprefixes in projectview.tpl...
CVE-2008-5807
Multiple cross-site scripting XSS vulnerabilities in TestLink before 1.8 RC1 allow remote attackers to inject arbitrary web script or HTML via 1 Testproject Names and 2 Testplan Names in planEdit.php, and possibly 3 Testcaseprefixes in projectview.tpl...
CVE-2008-5807
CVE-2008-5807 relates to multiple XSS vulnerabilities in TestLink prior to 1.8 RC1. The issues allow remote attackers to inject arbitrary web script or HTML via (1) Testproject Names and (2) Testplan Names in planEdit.php, and possibly (3) Testcaseprefixes in projectview.tpl. Affected software is...
CVE-2008-5807
Multiple cross-site scripting XSS vulnerabilities in TestLink before 1.8 RC1 allow remote attackers to inject arbitrary web script or HTML via 1 Testproject Names and 2 Testplan Names in planEdit.php, and possibly 3 Testcaseprefixes in projectview.tpl...
Authorization
TestLink before 1.7.1 does not enforce an unspecified authorization mechanism, which has unknown impact and attack vectors...
CVE-2007-6006
TestLink before 1.7.1 does not enforce an unspecified authorization mechanism, which has unknown impact and attack vectors...
CVE-2007-6006
The CVE-2007-6006 entry concerns TestLink before version 1.7.1 that does not enforce an unspecified authorization mechanism. The impact and attack vectors are not explicitly defined in the provided documents; exploitation details are not provided. No concrete remediation or vendor/version specifi...
CVE-2007-6006
TestLink before 1.7.1 does not enforce an unspecified authorization mechanism, which has unknown impact and attack vectors...
TestLink < 1.7.1 Authorization Mechanism Failure
Binary data 4283.prm...