Lucene search
HistoryOct 04, 2002 - 4:00 a.m.
CVE-2002-1114
mantis
cve-2002-1114
security vulnerability
remote code execution
file read
nvd
7.7 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.016 Low
EPSS
Percentile
87.3%
config_inc2.php in Mantis before 0.17.4 allows remote attackers to execute arbitrary code or read arbitrary files via the parameters (1) g_bottom_include_page, (2) g_top_include_page, (3) g_css_include_file, (4) g_meta_include_file, or (5) a cookie.
| CPE | Name | Operator | Version |
|---|---|---|---|
| mantis:mantis | mantis | eq | 0.17.0 |
| mantis:mantis | mantis | eq | 0.17.2 |
| mantis:mantis | mantis | eq | 0.17.3 |
| mantis:mantis | mantis | eq | 0.17.1 |
Related
cvelist
cvelist
CVE-2002-1114
2002-09-10 04:00:00
osv
osv
mantis - cross site code execution and privilege escalation
2002-08-14 00:00:00
openvas
openvas
Debian Security Advisory DSA 153-1 (mantis)
2008-01-17 00:00:00
Debian Security Advisory DSA 153-1 (mantis)
2008-01-17 00:00:00
nessus
nessus
Mantis < 0.17.5 Multiple Vulnerabilities
2003-05-27 00:00:00
7.7 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.016 Low
EPSS
Percentile
87.3%
Related for CVE-2002-1114