Lucene search
K

7 matches found

UbuntuCve
UbuntuCve
added 2014/03/18 5:3 p.m.34 views

CVE-2014-1608

SQL injection vulnerability in the mcifileget function in api/soap/mcfileapi.php in MantisBT before 1.2.16 allows remote attackers to execute arbitrary SQL commands via a crafted envelope tag in a mcissueattachmentget SOAP request...

7.5CVSS6.2AI score0.03141EPSS
Exploits2References5
NVD
NVD
added 2014/03/18 5:3 p.m.22 views

CVE-2014-1608

SQL injection vulnerability in the mcifileget function in api/soap/mcfileapi.php in MantisBT before 1.2.16 allows remote attackers to execute arbitrary SQL commands via a crafted envelope tag in a mcissueattachmentget SOAP request...

7.5CVSS7.9AI score0.03141EPSS
Exploits2References8
CVE
CVE
added 2014/03/18 2:0 p.m.75 views

CVE-2014-1608

The CVE-2014-1608 issue affects MantisBT affected versions prior to 1.2.16. It arises from the mci_file_get function in api/soap/mc_file_api.php, where unsafely constructed SQL via the db_query path in the mc_issue_attachment_get SOAP request, allowing remote attackers to execute arbitrary SQL co...

7.5CVSS6.8AI score0.03141EPSS
Exploits2References8Affected Software1
Cvelist
Cvelist
added 2014/03/18 2:0 p.m.33 views

CVE-2014-1608

SQL injection vulnerability in the mcifileget function in api/soap/mcfileapi.php in MantisBT before 1.2.16 allows remote attackers to execute arbitrary SQL commands via a crafted envelope tag in a mcissueattachmentget SOAP request...

6.8AI score0.03141EPSS
Exploits2References8
OpenVAS
OpenVAS
added 2014/03/17 12:0 a.m.37 views

Fedora Update for mantis FEDORA-2014-3440

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS5.5AI score0.11311EPSS
Exploits12References2
OpenVAS
OpenVAS
added 2014/03/17 12:0 a.m.29 views

Fedora Update for mantis FEDORA-2014-3421

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.3AI score0.03141EPSS
Exploits3References2
securityvulns
securityvulns
added 2014/02/11 12:0 a.m.78 views

[oCERT-2014-001] MantisBT input sanitization errors

2014-001 MantisBT input sanitization errors Description: The MantisBT web-based bugtracking system suffers from SQL injection vulnerabilities caused by insufficient input sanitization. The MantisBT SOAP API uses the unsafe dbquery function allowing a specially crafted tag within the envelope of a...

7.5CVSS0.4AI score0.03141EPSS
Exploits3
Rows per page
Query Builder