Re: [FD] CVE-2014-5308 - Multiple SQL Injection Vulnerabilities in TestLink

2014-10-01 Thread Brandon Perry
I am unable to exploit this with any user except admin, so I am curious how you were able to come to the conclusion that any user who could sign up would be able to exploit these... "Note: 'Any user can create account for the application in 'testlink/firstLogin.php' page hence it's possible to explo

[FD] CVE-2014-5308 - Multiple SQL Injection Vulnerabilities in TestLink

2014-10-01 Thread Portcullis Advisories
Vulnerability title: Multiple SQL Injection Vulnerabilities in TestLink
CVE: CVE-2014-5308
Vendor: Testlink
Product: TestLink
Affected version: 1.9.11
Fixed version: Fixed in SVN commit number 7a09973
Reported by: Jerzy Kramarz
Details: Two SQL injection vulnerabilities have been found and confir