Posted by jnatal on Feb 20
------------------Information
------------------
Name: SQL Injection Vulnerabilities in TestLink
Software tested: TL v1.8.5b & checked in v1.9.3 (prior version may be
affected)
Vendor Homepage: http://www.teamst.org
Vendor Notification: 27 January 2012
Vendor Patch: 4 February 2012
Public Disclosure: 20 February 2012
CVE: CVE-2012-0938 & CVE-2012-0939
Solution Status: Fixed by Vendor
------------------
Description
------------------...