Full Disclosure

[KIS-2014-11] TestLink <= 1.9.12 (execSetResults.php) PHP Object Injection Vulnerability

October 23, 2014 007admin Leave a comment

Posted by Egidio Romano on Oct 23

————————————————————————–
TestLink <= 1.9.12 (execSetResults.php) PHP Object Injection Vulnerability
————————————————————————–

[-] Software Link:

http://testlink.org/

[-] Affected Versions:

Version 1.9.12 and prior versions.

[-] Weakness Description:

The vulnerable code is located in the /lib/execute/execSetResults.php script:

428….

Leave a Reply Cancel reply

You must be logged in to post a comment.

Software and Security Information