what you don't know can hurt you

Register | Login

FilesNewsUsersAuthors

Home Files News &[SERVICES_TAB]About Contact Add New

Showing 1 - 25 of 26

Files

TestLink 1.19 Arbitrary File Download

Posted Dec 9, 2021

Authored by Gonzalo Villegas

TestLink versions 1.16 through 1.19 suffer from an arbitrary file download vulnerability.

tags | exploit, arbitrary

SHA-256 | 0d4f2423494cf6a179f394e226b4ffca187f2beaa2d20adb0504a4b550937e84

Download | Favorite | View

Related Files

TestLink 1.9.20 Shell Upload

Posted Feb 14, 2021

Authored by snovvcrash

TestLink version 1.9.20 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell, file upload

advisories | CVE-2020-8639

SHA-256 | c77386d58d62722f1ea02fb39203f5ae3734576744e803a7331e2cf8529a9d98

Download | Favorite | View

TestLink 1.9.19 Cross Site Scripting

Posted Nov 21, 2019

Authored by Milad Khoshdel

TestLink version 1.9.19 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss

SHA-256 | 86e26947c940c9d530ddb67e77336e366e006fb43b1697fad0ed86a2cbec93a6

Download | Favorite | View

TestLink 1.9.19 Server-Side Request Forgery

Posted Jun 3, 2019

Authored by Manish Tanwar

TestLink versions 1.9.19 and below suffers from a server side request forgery vulnerability.

tags | exploit

SHA-256 | 4135c5cf334226208cc17b50f9d53094a3a71aef0f049cd1dbf262a2fcbfaf8a

Download | Favorite | View

TestLink Open Source Test Management Code Execution

Posted Mar 28, 2018

Authored by Manish Tanwar

TestLink Open Source Test Management versions prior to 1.9.16 remote proof of concept code execution exploit.

tags | exploit, remote, code execution, proof of concept

advisories | CVE-2018-7466

SHA-256 | 7f1cec95295792a263ea245ef75d239589db9afc06b5a1a8e021fc6d031a4154

Download | Favorite | View

TestLink Open Source Test Management Remote Code Execution

Posted Mar 2, 2018

Authored by Manish Tanwar

TestLink Open Source Test Management versions prior to 1.9.16 suffer from a remote code execution vulnerability.

tags | exploit, remote, code execution

advisories | CVE-2018-7466

SHA-256 | 8ad9056ec040b407f63167dc210d68bdd226dc758f6f0755a6f5a3ad4e538f97

Download | Favorite | View

TestLink Open Source Test Management Insecure Direct Object Reference

Posted Feb 28, 2018

Authored by T. Weber | Site sec-consult.com

TestLink Open Source Test Management versions prior to 1.9.17 suffer from an insecure direct object reference.

tags | exploit

SHA-256 | 0910df37fb4c03268b6c09f2acdee5ba8b437d90519a496c092a0421442672d9

Download | Favorite | View

TestLink 1.9.14 SQL Injection

Posted Feb 18, 2016

Authored by High-Tech Bridge SA | Site htbridge.com

TestLink version 1.9.14 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection

SHA-256 | 91d1c80956419cb3834dcfcd444983fe9cb7d79deae450a0f99e91da4a1bf961

Download | Favorite | View

TestLink 1.9.14 Cross Site Request Forgery

Posted Nov 9, 2015

Authored by Aravind C Ajayan, Balagopal N

TestLink version 1.9.14 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf

SHA-256 | 39f7ec2dfdf407f0782e906eebab9e38be681ca13f49a2d95361090f5468631a

Download | Favorite | View

TestLink 1.9.14 Cross Site Scripting

Posted Nov 9, 2015

Authored by Aravind C Ajayan, Boney S Kalarickal

TestLink version 1.9.14 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss

SHA-256 | b46be8c0b8fb93b229267719e4d51695ead81f8d924cf7b2a0540380b2ef4098

Download | Favorite | View

TestLink 1.9.13 Cross Site Scripting

Posted Oct 7, 2015

Authored by Omar Kurt | Site netsparker.com

TestLink version 1.9.13 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss

advisories | CVE-2015-7391

SHA-256 | 5230eccf702e10b722d8c391655f290d789494d743b802c5506670a312281917

Download | Favorite | View

TestLink 1.9.13 SQL Injection

Posted Oct 7, 2015

Authored by Omar Kurt | Site netsparker.com

TestLink version 1.9.13 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection

advisories | CVE-2015-7390

SHA-256 | e9e6f1842a313a62999a5d4e95558ee5a223b9fd6e37b8be04d0e64fc4439978

Download | Favorite | View

TestLink 1.9.12 Path Disclosure

Posted Oct 23, 2014

Authored by EgiX

TestLink versions 1.9.12 and below suffer from a path disclosure weakness.

tags | advisory

advisories | CVE-2014-8082

SHA-256 | d4e121ab0a2d7487bb19bb362e04c56ee75b63e8fc27574280cfee78584f1aad

Download | Favorite | View

TestLink 1.9.12 PHP Object Injection

Posted Oct 23, 2014

Authored by EgiX

TestLink versions 1.9.12 and below suffer from a PHP object injection vulnerability in execSetResults.php.

tags | advisory, php

advisories | CVE-2014-8081

SHA-256 | 84140ec47ef7b41446e409364cc8ec283f65b120fa742ffdf380813e2bf74c75

Download | Favorite | View

TestLink 1.9.11 SQL Injection

Posted Oct 1, 2014

Authored by Jerzy Kramarz | Site portcullis-security.com

TestLink version 1.9.11 suffers from multiple remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection

advisories | CVE-2014-5308

SHA-256 | 89a8209be3fba1b541de072c93114fc6da4c5937177e0ac438ee7af7946ca9c8

Download | Favorite | View

TestLink 1.9.3 Cross Site Request Forgery

Posted Sep 6, 2012

Authored by High-Tech Bridge SA | Site htbridge.com

TestLink version 1.9.3 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf

advisories | CVE-2012-2275

SHA-256 | 736b804ed14899a61e45af9653a9658234392141a3b1244d4491cc912560e8b1

Download | Favorite | View

Secunia Security Advisory 50248

Posted Aug 14, 2012

Authored by Secunia | Site secunia.com

Secunia Security Advisory - Brendan Coles has discovered two security issues and a vulnerability in TestLink, which can be exploited by malicious people to conduct cross-site forgery attacks and disclose certain sensitive and system information.

tags | advisory

SHA-256 | b75356024a543a0d9fde7722cd0bfef56d5c9bb5cdff27c1f45155eefb22e5ad

Download | Favorite | View

TestLink 1.9.3 Arbitrary File Upload

Posted Aug 14, 2012

Authored by Brendan Coles | Site metasploit.com

This Metasploit module exploits a vulnerability in TestLink versions 1.9.3 and prior. This application has an upload feature that allows any authenticated user to upload arbitrary files to the '/upload_area/nodes_hierarchy/' directory with a randomized file name. The file name can be retrieved from the database using SQL injection.

tags | exploit, arbitrary, sql injection

SHA-256 | d7801d84f2c0b381a4eab2c495d1007bc1e69f64d876b88ff24732a4755a2f71

Download | Favorite | View

Secunia Security Advisory 48054

Posted Feb 22, 2012

Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been discovered in TestLink, which can be exploited by malicious users and malicious people to conduct SQL injection attacks.

tags | advisory, vulnerability, sql injection

SHA-256 | 4c2bc425760d13091f04a350ec93203c0697688a75ffcfbadd609c9d85c3e85b

Download | Favorite | View

TestLink 1.9.3 SQL Injection

Posted Feb 20, 2012

Authored by Juan M. Natal

TestLink version 1.9.3 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection

advisories | CVE-2012-0938, CVE-2012-0939

SHA-256 | 5b79cc3873d33e07546bdbc0e0931cbc22ad17861768b7bbf8205110175bf6f2

Download | Favorite | View

Testlink TestManagement And Execution System Directory Traversal

Posted Jan 16, 2010

Authored by Prashant Khandelwal

Testlink TestManagement and Execution System suffers from directory traversal vulnerabilities.

tags | exploit, vulnerability, file inclusion

SHA-256 | 83f339bed5abb1597662d74924888afa7fdc10c709333f7bf52d46be82a6cbe1

Download | Favorite | View

Testlink TestManagement And Execution System Cross Site Scripting

Posted Jan 16, 2010

Authored by Prashant Khandelwal

Testlink TestManagement and Execution System suffers from cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss

SHA-256 | 8a208e2fc273c56399bdd1d85eaf21d90d1e06ad4d3f4357aba6e056b9c2bfd1

Download | Favorite | View

Secunia Security Advisory 38201

Posted Jan 15, 2010

Authored by Secunia | Site secunia.com

Secunia Security Advisory - Prashant Khandelwal has discovered some vulnerabilities in Testlink, which can be exploited by malicious users to disclose sensitive information and by malicious people to conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss

SHA-256 | 6a9b3c42a1552e232573f1c290c6f715693f88678423439dabb8522d9065e115

Download | Favorite | View

Secunia Security Advisory 37651

Posted Dec 11, 2009

Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been discovered in TestLink, which can be exploited by malicious users to conduct SQL injection attacks and by malicious people to conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss, sql injection

SHA-256 | 4eecb8a0b1777103968dcfac82e73b6f45f857bff5d86e4bdc76c0fd0703dd57

Download | Favorite | View

Core Security Technologies Advisory 2009.1013

Posted Dec 10, 2009

Authored by Core Security Technologies | Site coresecurity.com

Core Security Technologies Advisory - The TestLink Test Management and Execution System suffers from cross site scripting and remote SQL injection vulnerabilities. Versions below 1.8.5 are affected.

tags | exploit, remote, vulnerability, xss, sql injection

advisories | CVE-2009-4237, CVE-2009-4238

SHA-256 | 2bbdda7eafe32f627a758e47e2c6db60062bf70f69910951129140b25d14cab6

Download | Favorite | View

Secunia Security Advisory 32599

Posted Nov 12, 2008

Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in TestLink, which can be exploited by malicious users to conduct script insertion attacks.

tags | advisory, vulnerability

SHA-256 | bd9bf50b7ed5b6031d81fd5b2acc865f0e5d30d0a412ffc83bc857423bc51a84

Download | Favorite | View