Unrated severityNVD Advisory· Published Apr 3, 2020· Updated Aug 4, 2024
CVE-2020-8637
CVE-2020-8637
Description
A SQL injection vulnerability in TestLink 1.9.20 allows attackers to execute arbitrary SQL commands in dragdroptreenodes.php via the node_id parameter.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3- TestLink/TestLinkdescription
- Range: = 1.9.20
Patches
Vulnerability mechanics
References
2- ackcent.com/blog/testlink-1.9.20-unrestricted-file-upload-and-sql-injection/mitrex_refsource_MISC
- github.com/TestLinkOpenSourceTRMS/testlink-code/commit/d99bd8277d384f3417e917ce20bef5d061110343mitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.