CVE-2019-20107

HIGH

Testlink < 1.9.19 - SQL Injection

Title source: rule
STIX 2.1

Description

Multiple SQL injection vulnerabilities in TestLink through 1.9.19 allows remote authenticated users to execute arbitrary SQL commands via the (1) tproject_id parameter to keywordsView.php; the (2) req_spec_id parameter to reqSpecCompareRevisions.php; the (3) requirement_id parameter to reqCompareVersions.php; the (4) build_id parameter to planUpdateTC.php; the (5) tplan_id parameter to newest_tcversions.php; the (6) tplan_id parameter to tcCreatedPerUserGUI.php; the (7) tcase_id parameter to tcAssign2Tplan.php; or the (8) testcase_id parameter to tcCompareVersions.php. Authentication is often easy to achieve: a guest account, that can execute this attack, can be created by anyone in the default configuration.

References (9)

Core 9
Core References
Vendor Advisory x_refsource_misc
http://mantis.testlink.org/view.php?id=8829
Third Party Advisory x_refsource_misc
https://twitter.com/TLOpenSource/status/1212394020946751489
Vendor Advisory x_refsource_misc
http://mantis.testlink.org/view.php?id=8829#c29360

Scores

CVSS v3 8.8
EPSS 0.0178
EPSS Percentile 82.8%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-89
Status published
Products (1)
testlink/testlink < 1.9.19
Published Mar 05, 2020
Tracked Since Feb 18, 2026