CyberSec.Space Logo
返回 CVE 浏览器

CVE-2007-6006

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1820%
EPSS Percentile44.77th
Published2007年11月15日
Last Modified2026年4月23日

Vulnerability Description

TestLink before 1.7.1 does not enforce an unspecified authorization mechanism, which has unknown impact and attack vectors.

Affected Platforms (CPE)

📦
Testlink

Testlink

<= 1.7.0

References & Advisories

🔗 http://osvdb.org/42211
🔗 http://secunia.com/advisories/27600
🔗 http://sourceforge.net/project/shownotes.php?release_id=548619&group_id=90976
🔗 http://www.securityfocus.com/bid/26439
🔗 http://osvdb.org/42211
🔗 http://secunia.com/advisories/27600
🔗 http://sourceforge.net/project/shownotes.php?release_id=548619&group_id=90976
🔗 http://www.securityfocus.com/bid/26439

相关漏洞威胁

CVE-2020-122749.8

In TestLink 1.9.20, the lib/cfields/cfieldsExport.php goback_url parameter causes a security risk because it depends on client inp...

CVE-2020-86379.8

A SQL injection vulnerability in TestLink 1.9.20 allows attackers to execute arbitrary SQL commands in dragdroptreenodes.php via t...

CVE-2020-86389.8

A SQL injection vulnerability in TestLink 1.9.20 allows attackers to execute arbitrary SQL commands in planUrgency.php via the urg...

CVE-2015-73909.8

SQL injection vulnerability in TestLink before 1.9.14 allows remote attackers to execute arbitrary SQL commands via the apikey par...