Lucene search
MitreCVELIST:CVE-2014-1608HistoryMar 18, 2014 - 2:00 p.m.
CVE-2014-1608
2014-03-1814:00:00
mitre
www.cve.org
8
SQL injection vulnerability in the mci_file_get function in api/soap/mc_file_api.php in MantisBT before 1.2.16 allows remote attackers to execute arbitrary SQL commands via a crafted envelope tag in a mc_issue_attachment_get SOAP request.
References
osvdb.org/103118
secunia.com/advisories/61432
www.debian.org/security/2014/dsa-3030
www.mantisbt.org/bugs/view.php?id=16879
www.ocert.org/advisories/ocert-2014-001.html
www.securityfocus.com/bid/65445
bugzilla.redhat.com/show_bug.cgi?id=1063111
github.com/mantisbt/mantisbt/commit/00b4c17088fa56594d85fe46b6c6057bb3421102
Related
nvd
nvd
CVE-2014-1608
2014-03-18 17:03:00
CVE-2014-1609
2014-03-20 16:55:12
prion
prion
Sql injection
2014-03-18 17:03:00
Sql injection
2014-03-20 16:55:00
seebug
seebug
MantisBT 'mc_issue_attachment_get' SOAP API SQL注入漏洞
2014-03-19 00:00:00
ubuntucve
ubuntucve
CVE-2014-1608
2014-03-18 00:00:00
CVE-2014-1609
2014-03-20 00:00:00
cve
cve
CVE-2014-1608
2014-03-18 17:03:00
CVE-2014-1609
2014-03-20 16:55:12
openvas
openvas
Debian Security Advisory DSA 3030-1 (mantis - security update)
2014-09-20 00:00:00
MantisBT < 1.2.16 Multiple SQLi Vulnerabilities
2014-03-25 00:00:00
Debian: Security Advisory (DSA-3030-1)
2014-09-19 00:00:00
securityvulns
securityvulns
[oCERT-2014-001] MantisBT input sanitization errors
2014-02-11 00:00:00
[SECURITY] [DSA 3030-1] mantis security update
2014-10-14 00:00:00
nessus
nessus
Debian DSA-3030-1 : mantis - security update
2014-09-22 00:00:00
MantisBT 1.1.0 < 1.2.16 Multiple Vulnerabilities
2015-02-18 00:00:00
MantisBT 1.1.0 < 1.2.16 Multiple Vulnerabilities
2014-03-27 00:00:00
cvelist
cvelist
CVE-2014-1609
2014-03-20 16:00:00
debian
debian
[SECURITY] [DSA 3030-1] mantis security update
2014-09-20 21:26:14
fedora
fedora
[SECURITY] Fedora 20 Update: mantis-1.2.17-1.fc20
2014-03-13 05:07:18
[SECURITY] Fedora 19 Update: mantis-1.2.17-1.fc19
2014-03-13 05:01:34