Page 17 of 115 results (0.013 seconds)

CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 1

The XML Import/Export plugin in MantisBT 1.2.x does not restrict access, which allows remote attackers to (1) upload arbitrary XML files via the import page or (2) obtain sensitive information via the export page. NOTE: this issue can be combined with CVE-2014-7146 to execute arbitrary PHP code. El plugin XML Import/Export en MantisBT 1.2.x no restringe el acceso, lo que permite a atacantes remotos (1) subir código XML arbitrario mediante la página 'import' o (2) obtener información sensible mediante la página 'export'. NOTA: este fallo puede ser combinado con la CVE-2014-7146 y ejecutar código PHP arbitrario. • https://www.exploit-db.com/exploits/41685 http://secunia.com/advisories/62101 http://www.debian.org/security/2015/dsa-3120 http://www.mantisbt.org/bugs/view.php?id=17780 http://www.openwall.com/lists/oss-security/2014/11/07/28 http://www.securityfocus.com/bid/70996 https://exchange.xforce.ibmcloud.com/vulnerabilities/98573 https://github.com/mantisbt/mantisbt/commit/80a15487 https://www.mantisbt.org/bugs/view.php?id=17725 https://www.mantisbt.org/bugs/view.php?id&# • CWE-19: Data Processing Errors •

CVSS: 7.5EPSS: 33%CPEs: 1EXPL: 2

The XmlImportExport plugin in MantisBT 1.2.17 and earlier allows remote attackers to execute arbitrary PHP code via a crafted (1) description field or (2) issuelink attribute in an XML file, which is not properly handled when executing the preg_replace function with the e modifier. El plugin XmlImportExport en MantisBT 1.2.15 y versiones anteriores, permite a atacantes remotos ejecutar código arbitrario PHP a mediante campos de descripción o modificaciones en el atributo issuelink en ficheros XML, que no es correctamente gestionada cuando se ejecuta la función preg_replace con el modidicador. Mantis Bug Tracker versions 1.2.0 through 1.2.17 suffer from a PHP code injection vulnerability. • https://www.exploit-db.com/exploits/41685 https://www.exploit-db.com/exploits/35283 http://seclists.org/oss-sec/2014/q4/576 http://secunia.com/advisories/62101 http://www.debian.org/security/2015/dsa-3120 http://www.mantisbt.org/bugs/view.php?id=17725 http://www.securityfocus.com/bid/70993 https://exchange.xforce.ibmcloud.com/vulnerabilities/98572 https://github.com/mantisbt/mantisbt/commit/84017535 https://github.com/mantisbt/mantisbt/commit/bed19db9 https://www.man • CWE-20: Improper Input Validation •

CVSS: 7.5EPSS: 0%CPEs: 75EXPL: 2

SQL injection vulnerability in the mc_project_get_attachments function in api/soap/mc_project_api.php in MantisBT before 1.2.18 allows remote attackers to execute arbitrary SQL commands via the project_id parameter. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-1609. Una vulnerabilidad de inyección SQL en la función mc_project_get_attachments en api/soap/mc_project_api.php en MantisBT anterior a 1.2.18 permite a atacantes remotos ejecutar comandos SQL arbitrarios a través del parámetro project_id. NOTA: esta vulnerabilidad existe debido a una solución incompleta de CVE-2014-1609. • http://seclists.org/oss-sec/2014/q4/479 http://seclists.org/oss-sec/2014/q4/487 http://secunia.com/advisories/62101 http://www.debian.org/security/2015/dsa-3120 http://www.mantisbt.org/bugs/view.php?id=16880 http://www.mantisbt.org/bugs/view.php?id=17812 http://www.securityfocus.com/bid/70856 https://exchange.xforce.ibmcloud.com/vulnerabilities/98457 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 5.0EPSS: 0%CPEs: 23EXPL: 1

gpc_api.php in MantisBT 1.2.17 and earlier allows remote attackers to bypass authenticated via a password starting will a null byte, which triggers an unauthenticated bind. gpc_api.php en MantisBT 1.2.17 y anteriores permite a atacantes remotos evadir la autenticación a través de una contraseña que empiece por un byte nulo, lo que provoca un bind no autenticado. • http://www.mantisbt.org/bugs/view.php?id=17640 http://www.openwall.com/lists/oss-security/2014/09/12/11 http://www.openwall.com/lists/oss-security/2014/09/12/14 http://www.openwall.com/lists/oss-security/2014/09/13/1 • CWE-287: Improper Authentication •

CVSS: 5.0EPSS: 1%CPEs: 3EXPL: 2

Mantis Bug Tracker (aka MantisBT) 1.2.12 before 1.2.15 allows remote attackers to cause a denial of service (resource consumption) via a filter using a criteria, text search, and the "any condition" match type. Mantis Bug Tracker (también conocido como MantisBT) 1.2.12 anterior a 1.2.15 permite a atacantes remotos causar una denegación de servicio (consumo de recursos) a través de un filtro que utiliza un criterio, búsqueda de texto y el tipo de coincidencia 'cualquier condición'. • http://www.mantisbt.org/bugs/view.php?id=15573 http://www.openwall.com/lists/oss-security/2013/03/22/2 http://www.securityfocus.com/bid/58626 https://bugzilla.redhat.com/show_bug.cgi?id=924340 https://exchange.xforce.ibmcloud.com/vulnerabilities/83347 https://github.com/mantisbt/mantisbt/commit/d16988c3ca232a7 • CWE-20: Improper Input Validation •