CVE-2022-35193

HIGH

Testlink - SQL Injection

Title source: rule

TestLink v1.9.20 was discovered to contain a SQL injection vulnerability via /lib/execute/execNavigator.php.

Core 2

Core References

Third Party Advisory x_refsource_misc

Exploit, Third Party Advisory x_refsource_misc

CVSS v3 7.2

EPSS 0.0027

EPSS Percentile 50.7%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-89

Status published

Products (1)

testlink/testlink 1.9.20

Published Sep 16, 2022

Tracked Since Feb 18, 2026