Vulnerabilities

CVE-2009-4238

by Fred · 10/12/2009

Multiple SQL injection vulnerabilities in TestLink before 1.8.5 allow remote authenticated users to execute arbitrary SQL commands via (1) the Test Case ID field to lib/general/navBar.php or (2) the logLevel parameter to lib/events/eventviewer.php.

Date published : 2009-12-10

http://www.securityfocus.com/bid/37258

http://www.teamst.org/index.php?option=com_content&task=view&id=84&Itemid=2

Similar

Tags: Cybersecurity Alert