Lucene search
MitreCVELIST:CVE-2006-0840HistoryFeb 22, 2006 - 2:00 a.m.
CVE-2006-0840
2006-02-2202:00:00
mitre
raw.githubusercontent.com
1
manage_user_page.php in Mantis 1.00rc4 and earlier does not properly handle a sort parameter containing a ’ (quote) character, which allows remote attackers to trigger a SQL error that may be repeatedly reported to a user who makes subsequent web accesses with the MANTIS_MANAGE_COOKIE cookie. NOTE: this issue might be the same as vector 2 in CVE-2005-4519.
Related
ubuntucve
ubuntucve
CVE-2006-0840
2006-02-22 00:00:00
CVE-2005-4519
2005-12-28 00:00:00
prion
prion
Code injection
2006-02-22 02:02:00
cve
cve
CVE-2005-4519
2005-12-28 01:03:00
CVE-2006-0840
2006-02-22 02:02:00
cvelist
cvelist
CVE-2005-4519
2005-12-28 01:00:00
openvas
openvas
Debian: Security Advisory (DSA-944-1)
2008-01-17 00:00:00
Gentoo Security Advisory GLSA 200512-12 (Mantis)
2008-09-24 00:00:00
Gentoo Security Advisory GLSA 200512-12 (Mantis)
2008-09-24 00:00:00
nessus
nessus
GLSA-200512-12 : Mantis: Multiple vulnerabilities
2005-12-30 00:00:00
Debian DSA-944-1 : mantis - several vulnerabilities
2006-10-14 00:00:00
gentoo
gentoo
Mantis: Multiple vulnerabilities
2005-12-22 00:00:00
osv
osv
mantis - several
2006-01-17 00:00:00
debian
debian
[SECURITY] [DSA 944-1] New mantis packages fix several vulnerabilities
2006-01-17 10:31:54
[SECURITY] [DSA 944-1] New mantis packages fix several vulnerabilities
2006-01-17 10:31:54