Lucene search
Net.Edit0rEDB-ID:36068HistoryAug 18, 2011 - 12:00 a.m.
Mantis Bug Tracker 1.1.8 - Cross-Site Scripting / SQL Injection
2011-08-1800:00:00
Net.Edit0r
www.exploit-db.com
27
AI Score
7.4
Confidence
Low
source: https://www.securityfocus.com/bid/49235/info
MantisBT is prone to an SQL-injection vulnerability and a cross-site scripting vulnerability.
Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
MantisBT 1.2.6 is vulnerable; other versions may also be affected.
http://www.example.com/path/search.php?project_id=[XSS]
http://www.example.com/path/core.php?mbadmin=[SQL]Related
openvas
openvas
FreeBSD Ports: mantis
2011-09-21 00:00:00
FreeBSD Ports: mantis
2011-09-21 00:00:00
MantisBT Cross Site Scripting and SQL Injection Vulnerabilities
2011-08-19 00:00:00
ubuntucve
ubuntucve
CVE-2011-2938
2011-09-21 00:00:00
cve
cve
CVE-2011-2938
2011-09-21 16:55:04
nvd
nvd
CVE-2011-2938
2011-09-21 16:55:04
prion
prion
Cross site scripting
2011-09-21 16:55:00
cvelist
cvelist
CVE-2011-2938
2011-09-21 16:00:00
nessus
nessus
FreeBSD : XSS issue in MantisBT (a83f25df-d775-11e0-8bf1-003067b2972c)
2011-09-06 00:00:00
Fedora 16 : mantis-1.2.8-1.fc16 (2011-12336)
2011-10-03 00:00:00
Fedora 15 : mantis-1.2.8-1.fc15 (2011-12369)
2011-09-19 00:00:00
freebsd
freebsd
XSS issue in MantisBT
2011-08-18 00:00:00
fedora
fedora
[SECURITY] Fedora 16 Update: mantis-1.2.8-1.fc16
2011-09-30 19:13:32
[SECURITY] Fedora 15 Update: mantis-1.2.8-1.fc15
2011-09-18 00:57:23
gentoo
gentoo
MantisBT: Multiple vulnerabilities
2012-11-08 00:00:00