CVE-2020-8639

HIGH

TestLink 1.9.20 - RCE

Title source: llm

Description

An unrestricted file upload vulnerability in keywordsImport.php in TestLink 1.9.20 allows remote attackers to execute arbitrary code by uploading a file with an executable extension. This allows an authenticated attacker to upload a malicious file (containing PHP code to execute operating system commands) to a publicly accessible directory of the application.

Exploits (1)

exploitdb WORKING POC

by snovvcrash · pythonwebappsphp

https://www.exploit-db.com/exploits/49561

View Code ZIP pw:eip

References (3)

[Exploit, Third Party Advisory, VDB Entry] http://packetstormsecurity.com/files/161401/TestLink-1.9.20-Shell-Upload.html

[Exploit, Patch, Third Party Advisory] https://ackcent.com/blog/testlink-1.9.20-unrestricted-file-upload-and-sql-injection/

[Patch, Third Party Advisory] https://github.com/TestLinkOpenSourceTRMS/testlink-code/commit/57d81ae350d569c5c95087997fe051c49e14516d

Scores

CVSS v3 8.8

EPSS 0.1601

EPSS Percentile 94.8%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-434

Status published

Products (1)

testlink/testlink 1.9.20

Published Apr 03, 2020

Tracked Since Feb 18, 2026