2 matches found
CVE-2006-0840
manageuserpage.php in Mantis 1.00rc4 and earlier does not properly handle a sort parameter containing a ' quote character, which allows remote attackers to trigger a SQL error that may be repeatedly reported to a user who makes subsequent web accesses with the MANTISMANAGECOOKIE cookie. NOTE: thi...
CVE-2006-0840
CVE-2006-0840 affects Mantis 1.00rc4 and earlier: manage_user_page.php mishandles a sort parameter containing a single quote, allowing remote attackers to trigger a SQL error that may be repeatedly reported to users via the MANTIS_MANAGE_COOKIE. This description is aligned with the related CVE-20...