CVE-2009-4238
TestLink prior to 1.8.5 contains multiple SQL injection vulnerabilities that allow remote authenticated users to execute arbitrary SQL commands via inputs such as the Test Case ID field (lib/general/navBar.php) or the logLevel parameter (lib/events/eventviewer.php). The issue stems from insuffici...