Page 11 of 82 results (0.007 seconds)

CVSS: 5.0EPSS: 0%CPEs: 47EXPL: 0

The print_test_result function in admin/upgrade_unattended.php in MantisBT 1.1.0a3 through 1.2.x before 1.2.18 allows remote attackers to obtain database credentials via a URL in the hostname parameter and reading the parameters in the response sent to the URL. La función print_test_result en admin/upgrade_unattended.php en MantisBT 1.1.0a3 hasta 1.2.x anterior a 1.2.18 permite a atacantes remotos obtener las credenciales de la base de datos a través de una URL en el parámetro hostname y la lectura de los parámetros en la respuesta enviada a la URL. • http://seclists.org/oss-sec/2014/q4/863 http://www.mantisbt.org/bugs/view.php?id=17877 http://www.securityfocus.com/bid/71359 https://exchange.xforce.ibmcloud.com/vulnerabilities/99031 https://github.com/mantisbt/mantisbt/commit/0826cef8 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 7.5EPSS: 3%CPEs: 1EXPL: 1

The current_user_get_bug_filter function in core/current_user_api.php in MantisBT before 1.2.18 allows remote attackers to execute arbitrary PHP code via the filter parameter. La función current_user_get_bug_filter en core/current_user_api.php en MantisBT anterior a 1.2.18 permite a atacantes remotos ejecutar código PHP arbitrario a través del parámetro filter. • http://seclists.org/oss-sec/2014/q4/864 http://seclists.org/oss-sec/2014/q4/923 http://secunia.com/advisories/62101 http://www.debian.org/security/2015/dsa-3120 http://www.mantisbt.org/bugs/view.php?id=17875 http://www.securityfocus.com/bid/71361 https://exchange.xforce.ibmcloud.com/vulnerabilities/99016 https://github.com/mantisbt/mantisbt/commit/599364b2 • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0

MantisBT before 1.2.18 uses the public_key parameter value as the key to the CAPTCHA answer, which allows remote attackers to bypass the CAPTCHA protection mechanism by leveraging knowledge of a CAPTCHA answer for a public_key parameter value, as demonstrated by E4652 for the public_key value 0. MantisBT anterior a 1.2.18 utiliza el valor del parámetro public_key como la clave para la respuesta CAPTCHA, lo que permite a atacantes remotos evadir el mecanismo de protección CAPTCHA mediante el aprovechamiento de conocimiento de una respuesta CAPTCHA para un valor del parámetro public_key, tal y como fue demostrado por E4652 por el valor public_key 0. • http://secunia.com/advisories/62101 http://www.debian.org/security/2015/dsa-3120 http://www.openwall.com/lists/oss-security/2014/11/26/19 http://www.openwall.com/lists/oss-security/2014/11/27/8 http://www.securityfocus.com/bid/71321 https://exchange.xforce.ibmcloud.com/vulnerabilities/99004 https://github.com/mantisbt/mantisbt/commit/7bb78e45 https://www.mantisbt.org/bugs/view.php?id=17811 • CWE-284: Improper Access Control •

CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 1

Multiple SQL injection vulnerabilities in view_all_bug_page.php in MantisBT before 1.2.18 allow remote attackers to execute arbitrary SQL commands via the (1) sort or (2) dir parameter to view_all_set.php. Múltiples vulnerabilidades de inyección SQL en view_all_bug_page.php en MantisBT anterior a 1.2.18 permiten a atacantes remotos ejecutar comandos SQL arbitrarios a través del parámetro (1) sort o (2) dir en view_all_set.php. • http://secunia.com/advisories/62101 http://www.debian.org/security/2015/dsa-3120 http://www.openwall.com/lists/oss-security/2014/11/25/14 http://www.openwall.com/lists/oss-security/2014/11/26/6 http://www.securityfocus.com/bid/71298 https://github.com/mantisbt/mantisbt/commit/b0021673ab23249244119bde3c7fcecd4daa4e7f https://www.mantisbt.org/bugs/view.php?id=17841 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 1

The XML Import/Export plugin in MantisBT 1.2.x does not restrict access, which allows remote attackers to (1) upload arbitrary XML files via the import page or (2) obtain sensitive information via the export page. NOTE: this issue can be combined with CVE-2014-7146 to execute arbitrary PHP code. El plugin XML Import/Export en MantisBT 1.2.x no restringe el acceso, lo que permite a atacantes remotos (1) subir código XML arbitrario mediante la página 'import' o (2) obtener información sensible mediante la página 'export'. NOTA: este fallo puede ser combinado con la CVE-2014-7146 y ejecutar código PHP arbitrario. • https://www.exploit-db.com/exploits/41685 http://secunia.com/advisories/62101 http://www.debian.org/security/2015/dsa-3120 http://www.mantisbt.org/bugs/view.php?id=17780 http://www.openwall.com/lists/oss-security/2014/11/07/28 http://www.securityfocus.com/bid/70996 https://exchange.xforce.ibmcloud.com/vulnerabilities/98573 https://github.com/mantisbt/mantisbt/commit/80a15487 https://www.mantisbt.org/bugs/view.php?id=17725 https://www.mantisbt.org/bugs/view.php?id&# • CWE-19: Data Processing Errors •