Summary
TestLink is prone to multiple security vulnerabilities, including:
1. An arbitrary file-upload vulnerability
2. An information-disclosure vulnerability
3. A cross-site request-forgery vulnerability
Exploiting these vulnerabilities may allow an attacker to harvest sensitive information, upload and execute arbitrary server-side code in the context of the web server, or perform unauthorized actions on behalf of a user in the context of the site. This may aid in launching further attacks.
Updated on 2015-03-25