5 matches found
CVE-2012-0938
Multiple SQL injection vulnerabilities in TestLink 1.9.3, 1.8.5b, and earlier allow remote authenticated users with certain permissions to execute arbitrary SQL commands via the rootnode parameter in the displaychildren function to (1) getrequirementnodes.php or (2) gettprojectnodes.php in lib/ajax/;...
TestLink 1.9.3 CSRF Vulnerability
No description provided by source. The PoC below changes the administrator's email: document.getElementById('btn').click();...
Cross site request forgery (csrf)
Multiple cross-site request forgery (CSRF) vulnerabilities in TestLink 1.9.3 and earlier allow remote attackers to hijack the authentication of users for requests that add, delete, or modify sensitive information, as demonstrated by changing the administrator's email via an editUser action to...
testlink 1.9.3 lib/ajax/getrequirementnodes.php SQL Injection
No description provided by source...
TestLink 1.9.3 SQL Injection
------------------ Information ------------------
Name: SQL Injection Vulnerabilities in TestLink
Software tested: TL v1.8.5b & checked in v1.9.3 prior version may be affected
Vendor Homepage: http://www.teamst.org
Vendor Notification: 27 January 2012
Vendor Patch: 4 February 2012
Public...