CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 1CVE-2014-8598 – Mantis Bug Tracker 1.2.0a3 < 1.2.17 XmlImportExport Plugin - PHP Code Injection
https://notcve.org/view.php?id=CVE-2014-8598
The XML Import/Export plugin in MantisBT 1.2.x does not restrict access, which allows remote attackers to (1) upload arbitrary XML files via the import page or (2) obtain sensitive information via the export page. NOTE: this issue can be combined with CVE-2014-7146 to execute arbitrary PHP code. El plugin XML Import/Export en MantisBT 1.2.x no restringe el acceso, lo que permite a atacantes remotos (1) subir código XML arbitrario mediante la página 'import' o (2) obtener información sensible mediante la página 'export'. NOTA: este fallo puede ser combinado con la CVE-2014-7146 y ejecutar código PHP arbitrario. • https://www.exploit-db.com/exploits/41685 http://secunia.com/advisories/62101 http://www.debian.org/security/2015/dsa-3120 http://www.mantisbt.org/bugs/view.php?id=17780 http://www.openwall.com/lists/oss-security/2014/11/07/28 http://www.securityfocus.com/bid/70996 https://exchange.xforce.ibmcloud.com/vulnerabilities/98573 https://github.com/mantisbt/mantisbt/commit/80a15487 https://www.mantisbt.org/bugs/view.php?id=17725 https://www.mantisbt.org/bugs/view.php?id&# • CWE-19: Data Processing Errors •
CVSS: 7.5EPSS: 0%CPEs: 75EXPL: 2CVE-2014-8554
https://notcve.org/view.php?id=CVE-2014-8554
SQL injection vulnerability in the mc_project_get_attachments function in api/soap/mc_project_api.php in MantisBT before 1.2.18 allows remote attackers to execute arbitrary SQL commands via the project_id parameter. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-1609. Una vulnerabilidad de inyección SQL en la función mc_project_get_attachments en api/soap/mc_project_api.php en MantisBT anterior a 1.2.18 permite a atacantes remotos ejecutar comandos SQL arbitrarios a través del parámetro project_id. NOTA: esta vulnerabilidad existe debido a una solución incompleta de CVE-2014-1609. • http://seclists.org/oss-sec/2014/q4/479 http://seclists.org/oss-sec/2014/q4/487 http://secunia.com/advisories/62101 http://www.debian.org/security/2015/dsa-3120 http://www.mantisbt.org/bugs/view.php?id=16880 http://www.mantisbt.org/bugs/view.php?id=17812 http://www.securityfocus.com/bid/70856 https://exchange.xforce.ibmcloud.com/vulnerabilities/98457 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 5.0EPSS: 0%CPEs: 23EXPL: 1CVE-2014-6387
https://notcve.org/view.php?id=CVE-2014-6387
gpc_api.php in MantisBT 1.2.17 and earlier allows remote attackers to bypass authenticated via a password starting will a null byte, which triggers an unauthenticated bind. gpc_api.php en MantisBT 1.2.17 y anteriores permite a atacantes remotos evadir la autenticación a través de una contraseña que empiece por un byte nulo, lo que provoca un bind no autenticado. • http://www.mantisbt.org/bugs/view.php?id=17640 http://www.openwall.com/lists/oss-security/2014/09/12/11 http://www.openwall.com/lists/oss-security/2014/09/12/14 http://www.openwall.com/lists/oss-security/2014/09/13/1 • CWE-287: Improper Authentication •
CVSS: 5.0EPSS: 1%CPEs: 3EXPL: 2CVE-2013-1883
https://notcve.org/view.php?id=CVE-2013-1883
Mantis Bug Tracker (aka MantisBT) 1.2.12 before 1.2.15 allows remote attackers to cause a denial of service (resource consumption) via a filter using a criteria, text search, and the "any condition" match type. Mantis Bug Tracker (también conocido como MantisBT) 1.2.12 anterior a 1.2.15 permite a atacantes remotos causar una denegación de servicio (consumo de recursos) a través de un filtro que utiliza un criterio, búsqueda de texto y el tipo de coincidencia 'cualquier condición'. • http://www.mantisbt.org/bugs/view.php?id=15573 http://www.openwall.com/lists/oss-security/2013/03/22/2 http://www.securityfocus.com/bid/58626 https://bugzilla.redhat.com/show_bug.cgi?id=924340 https://exchange.xforce.ibmcloud.com/vulnerabilities/83347 https://github.com/mantisbt/mantisbt/commit/d16988c3ca232a7 • CWE-20: Improper Input Validation •
CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 1CVE-2014-2238 – MantisBT Admin SQL Injection Arbitrary File Read
https://notcve.org/view.php?id=CVE-2014-2238
SQL injection vulnerability in the manage configuration page (adm_config_report.php) in MantisBT 1.2.13 through 1.2.16 allows remote authenticated administrators to execute arbitrary SQL commands via the filter_config_id parameter. Vulnerabilidad de inyección SQL en la página "manage configuration" (adm_config_report.php) en MantisBT 1.2.13 hasta 1.2.16 permite a administradores remotos autenticados ejecutar comandos SQL arbitrarios a través del parámetro filter_config_id. Versions 1.2.13 through 1.2.16 are vulnerable to a SQL injection attack if an attacker can gain access to administrative credentials. This vuln was fixed in 1.2.17. • http://mantisbt.domainunion.de/bugs/view.php?id=17055 http://seclists.org/oss-sec/2014/q1/456 http://seclists.org/oss-sec/2014/q1/490 http://www.mantisbt.org/blog/?p=288 http://www.securityfocus.com/bid/65903 https://exchange.xforce.ibmcloud.com/vulnerabilities/91563 https://www.mantisbt.org/bugs/view.php?id=17055 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •