Mantis Bugtracker          
testlink.org

View Issue Details

ID: 0003677
Project: TestLink
Category: Internal issue
View Status: public
Date Submitted: 2010-08-13 09:46
Last Update: 2010-08-31 20:27
Reporter: ReinKrul
Assigned To: fman
Priority: normal
Severity: major
Reproducibility: always
Status: closed
Resolution: fixed
Platform:
OS:
OS Version:
Product Version: 1.8.5 (bug fixing)
Fixed in Version: 1.9 Beta 5
Summary: 0003677: Search bar 'Test Case ID' allows SQL injection
Description: The search field 'Test Case ID' allows SQL injection because no escaping or anything is done. A malicious user could easily inject any database-wrecking code he wants.
Steps To Reproduce: Enter any SQL in the Test Case ID field and it will get executed.
Tags: No tags attached.
Database (MySQL,Postgres,etc): MySQL
Browser: FireFox
PHP Version: 5.3.1
TestCaseID:
QA Team - Task Workflow Status:
Attached Files:
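The pattern the report describes, as an added illustration that is not TestLink's code and not the patch attached to the related issue: the search value is concatenated into the SQL text, so a value such as "1 OR 1=1" rewrites the WHERE clause. Shown in Python against an in-memory SQLite table; the table name, column names and sample rows are constructed for the example and are assumptions, not TestLink's schema. The hardened function validates that the id is a plain decimal integer and then binds it as a query parameter.

```python
import re
import sqlite3
from typing import List, Tuple

# Constructed sample data standing in for the test case table. TestLink's real
# schema, table and column names are NOT reproduced here; these are assumptions.
SAMPLE_ROWS = [
    (1, "Login works", "TL"),
    (2, "Logout works", "TL"),
    (3, "Unpublished internal case", "INT"),
]

# Only ASCII digits are accepted for an integer id (str.isdigit would also pass
# superscripts and other Unicode digit characters that int() may reject).
_ID_RE = re.compile(r"[0-9]+")


def make_db() -> sqlite3.Connection:
    """Build an in-memory database holding the constructed sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE testcases (id INTEGER PRIMARY KEY, name TEXT, prefix TEXT)"
    )
    conn.executemany("INSERT INTO testcases VALUES (?, ?, ?)", SAMPLE_ROWS)
    conn.commit()
    return conn


def search_vulnerable(conn: sqlite3.Connection, tc_id: str) -> List[Tuple[int, str]]:
    """The bug as reported: the search value is spliced straight into the SQL text.

    Whatever the user typed becomes part of the statement, so "1 OR 1=1" makes the
    WHERE clause true for every row instead of being compared with the id column.
    """
    sql = "SELECT id, name FROM testcases WHERE id = " + tc_id
    return conn.execute(sql).fetchall()


def search_safe(conn: sqlite3.Connection, tc_id: str) -> List[Tuple[int, str]]:
    """Hardened version: check the input's shape, then bind it as a parameter.

    The id column is an integer, so anything that is not a run of digits is
    refused up front. The bound parameter is the real defence: the driver sends
    the value as data, never as SQL text, even if the validation were loosened.
    """
    if not _ID_RE.fullmatch(tc_id):
        raise ValueError("test case id must be a decimal integer")
    return conn.execute(
        "SELECT id, name FROM testcases WHERE id = ?", (int(tc_id),)
    ).fetchall()


def rejected(conn: sqlite3.Connection, tc_id: str) -> bool:
    """True when the hardened search refuses the input outright."""
    try:
        search_safe(conn, tc_id)
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    db = make_db()
    payload = "1 OR 1=1"
    print("vulnerable, normal input :", search_vulnerable(db, "1"))
    print("vulnerable, payload      :", search_vulnerable(db, payload))
    print("hardened, normal input   :", search_safe(db, "1"))
    print("hardened, payload        :", "rejected" if rejected(db, payload) else "accepted")
```

Python's sqlite3 module refuses more than one statement per execute() call, so the example shows the data-exposure form of the injection (every row comes back) rather than a destructive stacked statement; the fix is the same in either case: never build the statement from the user's text, and reject input that does not look like an id before it reaches the database.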

- Relationships
related to 0003633 (closed, fman): Searching for non existing test case id in the main menu leads to error "Fatal error: Call to undefined function reportFatal()"

- Notes
(0010868)
fman (administrator)
2010-08-15 14:40

Please use the code attached to the related issue, test it and let us know.
(0010872)
ReinKrul (reporter)
2010-08-16 07:12

The attached code solves the problem, thanks!
(0010873)
ReinKrul (reporter)
2010-08-16 11:40

This bug is also present in the demo environment (http://testlink.sourceforge.net/demo/); you might want to patch it to avoid people executing malicious queries.
(0010888)
fman (administrator)
2010-08-19 17:10

Reminder sent to: Julian

Do you want to update the 1.8.5 demo with this code?
(0011062)
fman (administrator)
2010-08-31 20:27

Release BETA 6 - 20100831

- Issue History
Date Modified Username Field Change
2010-08-13 09:46 ReinKrul New Issue
2010-08-15 14:38 fman Relationship added related to 0003366
2010-08-15 14:38 fman Relationship added related to 0003363
2010-08-15 14:39 fman Relationship deleted related to 0003363
2010-08-15 14:39 fman Relationship deleted related to 0003366
2010-08-15 14:39 fman Relationship added related to 0003633
2010-08-15 14:40 fman Note Added: 0010868
2010-08-15 14:40 fman Assigned To => fman
2010-08-15 14:40 fman Status new => feedback
2010-08-16 07:12 ReinKrul Note Added: 0010872
2010-08-16 07:12 ReinKrul Status feedback => assigned
2010-08-16 11:40 ReinKrul Note Added: 0010873
2010-08-19 17:10 fman Note Added: 0010888
2010-08-19 17:10 fman Status assigned => resolved
2010-08-19 17:10 fman Fixed in Version => 1.9 Beta 5
2010-08-19 17:10 fman Resolution open => fixed
2010-08-31 20:27 fman Note Added: 0011062
2010-08-31 20:27 fman Status resolved => closed

Copyright © 2000 - 2019 MantisBT Team
Powered by Mantis Bugtracker