3 matches found
Gentoo Security Advisory GLSA 200510-24 (Mantis)
The remote host is missing updates announced in advisory GLSA 200510-24. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
FreeBSD : mantis -- 't_core_path' file inclusion vulnerability (82a41084-6ce7-11da-b90c-000e0c2e438a)
Secunia Research reports : Input passed to the 'tcorepath' parameter in 'bugsponsorshiplistviewinc.php' isn't properly verified, before it used to include files. This can be exploited to include arbitrary files from external and local resources. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...
CVE-2005-3335
PHP file inclusion vulnerability in bugsponsorshiplistviewinc.php in Mantis 1.0.0RC2 and 0.19.2 allows remote attackers to execute arbitrary PHP code and include arbitrary local files via the tcorepath parameter...