Full title: TestLink 1.9.11 - Multiple SQL Injection Vulnerabilities 
Category: web applications
Platform: php
Two SQL injection vulnerabilities have been found and confirmed within the software as an authenticated user. A successful attack could allow an authenticated attacker to access information such as usernames and password hashes that are stored in the database. The following URLs and parameters have been confirmed to suffer from Multiple SQL injections

# 0day.today @ http://0day.today/