TestlinkCVEs & Vulnerabilities

27 CVEs affecting Testlink products, tracked from the National Vulnerability Database, with CVSS/EPSS scores and exploitation status.

Most Affected Products

testlink 29
CVE-2024-46097HIGH

TestLink 1.9.20 is vulnerable to Incorrect Access Control in the TestPlan editing section. When a new TestPlan is created, an ID with an incremental value is automatically generated. Using the edit function you can change the tplan_id parameter to another ID. The application does not carry out a check on the user's permissions maing it possible to recover the IDs of all the TestPlans (even the administrative ones) and modify them even with minimal privileges.

27 Sep 2024
8.1
CVSS
CVE-2024-42906MEDIUM

TestLink before v.1.9.20 is vulnerable to Cross Site Scripting (XSS) via the pop-up on upload file. When uploading a file, the XSS payload can be entered into the file name.

26 Aug 2024
6.1
CVSS
CVE-2023-50110HIGH

TestLink through 1.9.20 allows type juggling for authentication bypass because === is not used.

30 Dec 2023
7.5
CVSS
CVE-2022-35196HIGH

TestLink v1.9.20 was discovered to contain a Cross-Site Request Forgery (CSRF) via /lib/plan/planView.php.

20 Sep 2022
8.8
CVSS
CVE-2022-35194MEDIUM

TestLink v1.9.20 was discovered to contain a stored cross-site scripting (XSS) vulnerability via /lib/inventory/inventoryView.php.

17 Sep 2022
5.4
CVSS
CVE-2022-35195HIGH

TestLink 1.9.20 Raijin was discovered to contain a broken access control vulnerability at /lib/attachments/attachmentdownload.php

16 Sep 2022
7.2
CVSS
CVE-2022-35193HIGH

TestLink v1.9.20 was discovered to contain a SQL injection vulnerability via /lib/execute/execNavigator.php.

16 Sep 2022
7.2
CVSS
CVE-2020-12274CRITICAL

In TestLink 1.9.20, the lib/cfields/cfieldsExport.php goback_url parameter causes a security risk because it depends on client input and is not constrained to lib/cfields/cfieldsView.php at the web site associated with the session.

27 Apr 2020
9.8
CVSS
CVE-2020-12273HIGH

In TestLink 1.9.20, a crafted login.php viewer parameter exposes cleartext credentials.

27 Apr 2020
7.5
CVSS
CVE-2020-8639HIGHpoc

An unrestricted file upload vulnerability in keywordsImport.php in TestLink 1.9.20 allows remote attackers to execute arbitrary code by uploading a file with an executable extension. This allows an authenticated attacker to upload a malicious file (containing PHP code to execute operating system commands) to a publicly accessible directory of the application.

3 Apr 2020
8.8
CVSS
CVE-2020-8638CRITICAL

A SQL injection vulnerability in TestLink 1.9.20 allows attackers to execute arbitrary SQL commands in planUrgency.php via the urgency parameter.

3 Apr 2020
9.8
CVSS
CVE-2020-8637CRITICAL

A SQL injection vulnerability in TestLink 1.9.20 allows attackers to execute arbitrary SQL commands in dragdroptreenodes.php via the node_id parameter.

3 Apr 2020
9.8
CVSS
CVE-2019-20107HIGH

Multiple SQL injection vulnerabilities in TestLink through 1.9.19 allows remote authenticated users to execute arbitrary SQL commands via the (1) tproject_id parameter to keywordsView.php; the (2) req_spec_id parameter to reqSpecCompareRevisions.php; the (3) requirement_id parameter to reqCompareVersions.php; the (4) build_id parameter to planUpdateTC.php; the (5) tplan_id parameter to newest_tcversions.php; the (6) tplan_id parameter to tcCreatedPerUserGUI.php; the (7) tcase_id parameter to tcAssign2Tplan.php; or the (8) testcase_id parameter to tcCompareVersions.php. Authentication is often easy to achieve: a guest account, that can execute this attack, can be created by anyone in the default configuration.

5 Mar 2020
8.8
CVSS
CVE-2020-8841HIGH

An issue was discovered in TestLink 1.9.19. The relation_type parameter of the lib/requirements/reqSearch.php endpoint is vulnerable to authenticated SQL Injection.

11 Feb 2020
8.8
CVSS
CVE-2019-20381MEDIUM

TestLink before 1.9.20 allows XSS via non-lowercase javascript: in the index.php reqURI parameter. NOTE: this issue exists because of an incomplete fix for CVE-2019-19491.

20 Jan 2020
6.1
CVSS
CVE-2019-19491MEDIUM

TestLink 1.9.19 has XSS via the lib/testcases/archiveData.php edit parameter, the index.php reqURI parameter, or the URI in a lib/testcases/tcEdit.php?doAction=doDeleteStep request.

2 Dec 2019
6.1
CVSS
CVE-2019-14471MEDIUM

TestLink 1.9.19 has XSS via the error.php message parameter.

1 Aug 2019
6.1
CVSS
CVE-2018-7668HIGH

TestLink through 1.9.16 allows remote attackers to read arbitrary attachments via a modified ID field to /lib/attachments/attachmentdownload.php.

5 Mar 2018
7.5
CVSS
CVE-2018-7466HIGHpoc

install/installNewDB.php in TestLink through 1.9.16 allows remote attackers to conduct injection attacks by leveraging control over DB LOGIN NAMES data during installation to provide a long, crafted value.

25 Feb 2018
7.5
CVSS
CVE-2015-7391MEDIUM

Multiple cross-site scripting (XSS) vulnerabilities in TestLink before 1.9.14 allow remote attackers to inject arbitrary web script or HTML via the (1) selected_end_date or (2) selected_start_date parameter to lib/results/tcCreatedPerUserOnTestProject.php; the (3) containerType parameter to lib/testcases/containerEdit.php; the (4) filter_tc_id or (5) filter_testcase_name parameter to lib/testcases/listTestCases.php; the (6) useRecursion parameter to lib/testcases/tcImport.php; the (7) targetTestCase or (8) created_by parameter to lib/testcases/tcSearch.php; or the (9) HTTP Referer header to third_party/user_contribution/fakeRemoteExecServer/client4fakeXMLRPCTestRunner.php.

26 Sep 2017
6.1
CVSS
CVE-2015-7390CRITICAL

SQL injection vulnerability in TestLink before 1.9.14 allows remote attackers to execute arbitrary SQL commands via the apikey parameter to lnl.php.

26 Sep 2017
9.8
CVSS
CVE-2014-8082MEDIUM

lib/functions/database.class.php in TestLink before 1.9.13 allows remote attackers to obtain sensitive information via unspecified vectors, which reveals the installation path in an error message.

31 Oct 2014
5.0
CVSS
CVE-2014-8081HIGH

lib/execute/execSetResults.php in TestLink before 1.9.13 allows remote attackers to conduct PHP object injection attacks and execute arbitrary PHP code via the filter_result_result parameter.

31 Oct 2014
7.5
CVSS
CVE-2014-5308CRITICALpoc

Multiple SQL injection vulnerabilities in TestLink 1.9.11 allow remote authenticated users to execute arbitrary SQL commands via the (1) name parameter in a Search action to lib/project/projectView.php or (2) id parameter to lib/events/eventinfo.php.

8 Oct 2014
9.0
CVSS
CVE-2012-0939MEDIUM

Multiple SQL injection vulnerabilities in TestLink 1.8.5b and earlier allow remote authenticated users with the Requirement view permission to execute arbitrary SQL commands via the req_spec_id parameter to (1) reqSpecAnalyse.php, (2) reqSpecPrint.php, or (3) reqSpecView.php in requirements/. NOTE: some of these details are obtained from third party information.

14 Aug 2014
6.5
CVSS
CVE-2012-0938MEDIUM

Multiple SQL injection vulnerabilities in TestLink 1.9.3, 1.8.5b, and earlier allow remote authenticated users with certain permissions to execute arbitrary SQL commands via the root_node parameter in the display_children function to (1) getrequirementnodes.php or (2) gettprojectnodes.php in lib/ajax/; the (3) cfield_id parameter in an edit action to lib/cfields/cfieldsEdit.php; the (4) id parameter in an edit action or (5) plan_id parameter in a create action to lib/plan/planMilestonesEdit.php; or the req_spec_id parameter to (6) reqImport.php or (7) in a create action to reqEdit.php in lib/requirements/. NOTE: some of these details are obtained from third party information.

14 Aug 2014
6.5
CVSS
CVE-2007-6006CRITICAL

TestLink before 1.7.1 does not enforce an unspecified authorization mechanism, which has unknown impact and attack vectors.

16 Nov 2007
10.0
CVSS
← PrevPage 1 / 1Next →