mirror of
https://github.com/0xMarcio/cve.git
synced 2025-11-30 18:56:19 +00:00
831 B
831 B
CVE-2009-4238
Description
Multiple SQL injection vulnerabilities in TestLink before 1.8.5 allow remote authenticated users to execute arbitrary SQL commands via (1) the Test Case ID field to lib/general/navBar.php or (2) the logLevel parameter to lib/events/eventviewer.php.
POC
Reference
- http://www.coresecurity.com/content/testlink-multiple-injection-vulnerabilities
- http://www.coresecurity.com/content/testlink-multiple-injection-vulnerabilities
Github
No PoCs found on GitHub currently.