CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

16 matches found

RedhatCVE•added 2026/01/09 10:39 a.m.•2 views

CVE-2022-35194

TestLink v1.9.20 was discovered to contain a stored cross-site scripting XSS vulnerability via /lib/inventory/inventoryView.php...

5.4CVSS6AI score0.00224EPSS

Exploits1References1

RedhatCVE•added 2025/05/22 11:14 p.m.•3 views

CVE-2022-35193

TestLink v1.9.20 was discovered to contain a SQL injection vulnerability via /lib/execute/execNavigator.php...

7.2CVSS8.3AI score0.00274EPSS

Exploits1References1

Cvelist•added 2024/08/26 12:0 a.m.•11 views

CVE-2024-42906

TestLink before v.1.9.20 is vulnerable to Cross Site Scripting XSS via the pop-up on upload file. When uploading a file, the XSS payload can be entered into the file name...

0.00128EPSS

Exploits1References2

Vulnrichment•added 2024/08/26 12:0 a.m.•9 views

CVE-2024-42906

TestLink before v.1.9.20 is vulnerable to Cross Site Scripting XSS via the pop-up on upload file. When uploading a file, the XSS payload can be entered into the file name...

5.4AI score0.00128EPSS

Exploits1References2

NVD•added 2022/09/20 4:15 p.m.•9 views

CVE-2022-35196

TestLink v1.9.20 was discovered to contain a Cross-Site Request Forgery CSRF via /lib/plan/planView.php...

8.8CVSS0.00141EPSS

Exploits1References2

Prion•added 2022/09/20 4:15 p.m.•10 views

Cross site request forgery (csrf)

TestLink v1.9.20 was discovered to contain a Cross-Site Request Forgery CSRF via /lib/plan/planView.php...

6.8CVSS8.8AI score0.00141EPSS

Exploits1References2Affected Software1

Vulnrichment•added 2022/09/20 3:52 p.m.•3 views

CVE-2022-35196

TestLink v1.9.20 was discovered to contain a Cross-Site Request Forgery CSRF via /lib/plan/planView.php...

7.7AI score0.00141EPSS

Exploits1References2

Cvelist•added 2022/09/20 3:52 p.m.•13 views

CVE-2022-35196

TestLink v1.9.20 was discovered to contain a Cross-Site Request Forgery CSRF via /lib/plan/planView.php...

9.1AI score0.00141EPSS

Exploits1References2

CVE•added 2022/09/20 3:52 p.m.•48 views

CVE-2022-35196

CVE-2022-35196 affects TestLink v1.9.20 and is a Cross-Site Request Forgery (CSRF) vulnerability exploitable via the /lib/plan/planView.php endpoint. The incident has a high impact (C/H/I/A) per CVSS 3.1 (8.8) with network attack vector, no privileges required, user interaction required. The conn...

8.8CVSS8.8AI score0.00141EPSS

Exploits1References2Affected Software1

NVD•added 2022/09/16 10:15 p.m.•7 views

CVE-2022-35194

TestLink v1.9.20 was discovered to contain a stored cross-site scripting XSS vulnerability via /lib/inventory/inventoryView.php...

5.4CVSS0.00224EPSS

Exploits1References2

Prion•added 2022/09/16 10:15 p.m.•12 views

Cross site scripting

TestLink v1.9.20 was discovered to contain a stored cross-site scripting XSS vulnerability via /lib/inventory/inventoryView.php...

4.9CVSS5.3AI score0.00224EPSS

Exploits1References2Affected Software1

Cvelist•added 2022/09/16 8:30 p.m.•11 views

CVE-2022-35194

TestLink v1.9.20 was discovered to contain a stored cross-site scripting XSS vulnerability via /lib/inventory/inventoryView.php...

5.5AI score0.00224EPSS

Exploits1References2

CVE•added 2022/09/16 8:30 p.m.•40 views

CVE-2022-35194

CVE-2022-35194 affects TestLink v1.9.20, where a stored cross-site scripting (XSS) vulnerability exists in the API endpoint /lib/inventory/inventoryView.php . The Red Hat and PT Security entries corroborate the vulnerability and indicate an update to a newer TestLink version containing a fix as t...

5.4CVSS5.3AI score0.00224EPSS

Exploits1References2Affected Software1

NVD•added 2022/09/16 4:15 p.m.•7 views

CVE-2022-35193

TestLink v1.9.20 was discovered to contain a SQL injection vulnerability via /lib/execute/execNavigator.php...

7.2CVSS0.00274EPSS

Exploits1References2

Cvelist•added 2022/09/16 3:59 p.m.•11 views

CVE-2022-35193

TestLink v1.9.20 was discovered to contain a SQL injection vulnerability via /lib/execute/execNavigator.php...

7.5AI score0.00274EPSS

Exploits1References2

CVE•added 2022/09/16 3:59 p.m.•52 views

CVE-2022-35193

CVE-2022-35193 affects TestLink v1.9.20 with a SQL injection vulnerability in /lib/execute/execNavigator.php. The issue stems from improper input handling in the navigation execution endpoint, enabling an attacker to manipulate backend SQL queries. According to the connected documents, this vulne...

7.2CVSS7.2AI score0.00274EPSS

Exploits1References2Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by