CVE-2009-4238

Metadata

CVE-2009-4238
6.5
archives.neohapsis.com, coresecurity.com, securityfocus.com, teamst.org
2009-12-10
2017-06-06 20:21

Description

Multiple SQL injection vulnerabilities in TestLink before 1.8.5 allow remote authenticated users to execute arbitrary SQL commands via (1) the Test Case ID field to lib/general/navBar.php or (2) the logLevel parameter to lib/events/eventviewer.php.

Related Vulnerabilities