Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

CVE-2014-2238

🗓️ 05 Mar 2014 15:00:00Reported by mitreType 
cve
 cve🔗 web.nvd.nist.gov👁 60 Views🌐 WEB

SQL injection vulnerability in MantisBT 1.2.13 through 1.2.1

Related
Detection
Refs
Paths
ReporterTitlePublishedViews
Family
0day.today		MantisBT Admin SQL Injection Arbitrary File Read Vulnerability
4 Mar 201400:00
zdt
0day.today		Wordpress Photo Gallery Unauthenticated SQL Injection User Enumeration Exploit
14 Jan 201500:00
zdt
Tenable Nessus		MantisBT 1.2.13 < 1.2.17 SQLi
18 Feb 201500:00
nessus
Tenable Nessus		Fedora 20 : mantis-1.2.17-1.fc20 (2014-3421)
13 Mar 201400:00
nessus
Tenable Nessus		Fedora 19 : mantis-1.2.17-1.fc19 (2014-3440)
13 Mar 201400:00
nessus
Tenable Nessus		MantisBT 1.2.13 - 1.2.16 'admin_config_report.php' SQLi
22 Jan 201500:00
nessus
Circl		CVE-2014-2238
29 May 201815:50
circl
Cvelist		CVE-2014-2238
5 Mar 201415:00
cvelist
Fedora		[SECURITY] Fedora 20 Update: mantis-1.2.17-3.fc20
12 Oct 201405:01
fedora
Fedora		[SECURITY] Fedora 20 Update: mantis-1.2.17-4.fc20
12 Dec 201404:30
fedora
Rows per page
NVD
Node
mantisbtmantisbtMatch1.2.13
OR
mantisbtmantisbtMatch1.2.14
OR
mantisbtmantisbtMatch1.2.15
OR
mantisbtmantisbtMatch1.2.16
ParameterPositionPathDescriptionCWE
filter_config_idrequest bodyadm_config_report.phpSQL injection via filter_config_id parameter in adm_config_report.php allowing arbitrary SQL via LOAD_FILE to read arbitrary files (authenticated admin involvement).CWE-89

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
06 May 2026 22:30Current
6.5Medium risk
Vulners AI Score6.5
CVSS 26.5
EPSS0.45353
CWE-89
cve-2014-2238sql injectionmantisbtadm_config_report.phpnvd
60