Mantis Unspecified SQL Injection

2004-05-12T14:22:29
ID OSVDB:9095
Type osvdb
Reporter OSVDB
Modified 2004-05-12T14:22:29

Description

Vulnerability Description

Mantis contains a flaw that may allow a remote user to inject arbitrary SQL commands. No further details have been provided.

Solution Description

Upgrade to version 0.18.3 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Short Description

Mantis contains a flaw that may allow a remote user to inject arbitrary SQL commands. No further details have been provided.

References:

Vendor URL: http://www.mantisbt.org/ Vendor Specific Advisory URL