Lucene search
K

8 matches found

Exploit DB
Exploit DB
added 2018/05/10 12:0 a.m.62 views

Mantis Bug Tracker 1.1.3 - 'manage_proj_page' PHP Code Execution (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Mantis manageprojpage PHP Code Execution', 'Description' = %q Mantis v1.1.3 and earlier are vulnerable to a post-authentication Remote Code...

9CVSS6.7AI score0.67453EPSS
Exploits4
Packet Storm
Packet Storm
added 2018/05/09 12:0 a.m.48 views

Mantis manage_proj_page PHP Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Mantis manageprojpage PHP Code Execution', 'Description' = %q Mantis v1.1.3 and earlier are vulnerable to a post-authentication Remote Code...

9CVSS0.1AI score0.67453EPSS
Exploits4
OpenVAS
OpenVAS
added 2008/12/10 12:0 a.m.28 views

FreeBSD Ports: mantis

The remote host is missing an update to the system as announced in the referenced advisory. VID af2745c0-c3e0-11dd-a721-0030843d3802 OpenVAS Vulnerability Test $ Description: Auto generated from VID af2745c0-c3e0-11dd-a721-0030843d3802 Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...

9CVSS0.5AI score0.67453EPSS
Exploits4
OpenVAS
OpenVAS
added 2008/12/10 12:0 a.m.16 views

FreeBSD Ports: mantis

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

9CVSS6.6AI score0.67453EPSS
Exploits4References2
Tenable Nessus
Tenable Nessus
added 2008/12/03 12:0 a.m.39 views

GLSA-200812-07 : Mantis: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200812-07 Mantis: Multiple vulnerabilities Multiple issues have been reported in Mantis: EgiX reported that manageprojpage.php does not correctly sanitize the sort parameter before passing it to createfunction in core/utilityapi.p...

9CVSS6AI score0.67453EPSS
Exploits5References5
UbuntuCve
UbuntuCve
added 2008/10/22 6:0 p.m.31 views

CVE-2008-4687

manageprojpage.php in Mantis before 1.1.4 allows remote authenticated users to execute arbitrary code via a sort parameter containing PHP sequences, which are processed by createfunction within the multisort function in core/utilityapi.php...

9CVSS6.2AI score0.67453EPSS
Exploits4References1
CVE
CVE
added 2008/10/22 5:0 p.m.59 views

CVE-2008-4687

CVE-2008-4687 is a post-authentication remote code execution vulnerability in MantisBT where the sort parameter of manage_proj_page.php is unsafely passed to PHP create_function() within core/utility_api.php. Affected software includes MantisBT versions up to 1.1.3; versions 1.1.4 and later are i...

9CVSS7AI score0.67453EPSS
Exploits4References13Affected Software1
Circl
Circl
added 2008/10/16 12:0 a.m.27 views

CVE-2008-4687

creationtimestamp| type| source ---|---|--- 2008-10-16 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/6768 2018-05-10 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/44611 2018-05-29 15:50:33+00:00| seen|...

9CVSS5.7AI score0.67453EPSS
Exploits4References3
Rows per page
Query Builder