nessus | Tenable | 8901.PRM
History: Feb 18, 2015 - 12:00 a.m.

MantisBT 1.2.13 < 1.2.17 SQLi

2015-02-18 00:00:00
Tenable
www.tenable.com
5

The remote web server is hosting MantisBT, an open source bug tracking application written in PHP.

MantisBT versions 1.2.13 and later, prior to 1.2.17, are affected by an input validation error in the 'filter_config_id' parameter of the script 'admin_config_report.php', which could allow SQL injection attacks. An authenticated remote attacker may be able to inject or manipulate SQL queries in the back-end database, resulting in the manipulation or disclosure of arbitrary data.

Vendor | Product | Version | CPE
mantisbt | mantisbt | | cpe:/a:mantisbt:mantisbt