TestLink Cross Site Scripting and SQL Injection Vulnerabilities

Bugtraq ID: 37258
Class: Input Validation Error
CVE: CVE-2009-4237
CVE-2009-4238
Remote: Yes
Local: No
Published: Dec 09 2009 12:00AM
Updated: Dec 11 2009 06:54PM
Credit: Pablo Annetta from Core Security Technologies
Vulnerable: TestLink TestLink 1.8.4
TestLink TestLink 1.8.3
TestLink TestLink 1.8.2
TestLink TestLink 1.8.1
TestLink TestLink 1.8
TestLink TestLink 1.7.4
TestLink TestLink 1.7.1
TestLink TestLink 1.7
TestLink TestLink 1.8 RC1
TestLink TestLink 0
Not Vulnerable: TestLink TestLink 1.8.5


 

Privacy Statement
Copyright 2010, SecurityFocus