Lucene search
K

15 matches found

Packet Storm
Packet Storm
added 2024/08/31 12:0 a.m.282 views

MantisBT Admin SQL Injection Arbitrary File Read

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "MantisBT Admin SQL Injection Arbitrary File Read", 'Description' = %q Versions 1.2.13 through 1.2.16 are vulnerable to a SQL injection attack if ...

6.5CVSS7AI score0.11311EPSS
Exploits8
Circl
Circl
added 2018/05/29 3:50 p.m.11 views

CVE-2014-2238

creationtimestamp| type| source ---|---|--- 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/gather/mantisbtadminsqli.rb 2025-02-06 03:13:41+00:00| seen| MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd 2025-02-23 04:09:27+00:00| seen|...

6.5CVSS5.5AI score0.11311EPSS
Exploits8References1
Tenable Nessus
Tenable Nessus
added 2015/01/22 12:0 a.m.83 views

MantisBT 1.2.13 - 1.2.16 'admin_config_report.php' SQLi

According to its version number, the MantisBT application hosted on the remote web server is 1.2.13 or later but prior to 1.2.17. It is, therefore, affected by an input validation error related to the 'filterconfigid' parameter in the script 'adminconfigreport.php', which could allow SQL injectio...

6.5CVSS5.8AI score0.11311EPSS
Exploits8References5
0day.today
0day.today
added 2015/01/14 12:0 a.m.123 views

Wordpress Photo Gallery Unauthenticated SQL Injection User Enumeration Exploit

This Metasploit module exploits an unauthenticated SQL injection in order to enumerate the Wordpress users tables, including password hashes. This Metasploit module was tested against version 1.2.7. This module requires Metasploit: http://metasploit.com/download Current source:...

6.5CVSS7.7AI score0.11311EPSS
Exploits8
Packet Storm
Packet Storm
added 2015/01/13 12:0 a.m.47 views

Wordpress Photo Gallery Unauthenticated SQL Injection User Enumeration

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit4 "Wordpress Photo Gallery Unauthenticated SQL Injection User Enumeration", 'Description' = %q This module exploits an unauthenticated...

6.5CVSS1AI score0.11311EPSS
Exploits8
OpenVAS
OpenVAS
added 2014/12/21 12:0 a.m.34 views

Fedora Update for mantis FEDORA-2014-16546

Check the version of mantis SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.868626";...

7.5CVSS6.2AI score0.50561EPSS
Exploits22References2
OpenVAS
OpenVAS
added 2014/12/21 12:0 a.m.32 views

Fedora Update for mantis FEDORA-2014-16504

Check the version of mantis SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.868624";...

7.5CVSS5.9AI score0.50561EPSS
Exploits23References2
OpenVAS
OpenVAS
added 2014/12/12 12:0 a.m.55 views

Fedora Update for mantis FEDORA-2014-15079

Check the version of mantis SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.868569";...

7.5CVSS5.7AI score0.50561EPSS
Exploits20References2
OpenVAS
OpenVAS
added 2014/10/13 12:0 a.m.30 views

Fedora Update for mantis FEDORA-2014-12146

Check the version of mantis SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.868392";...

6.5CVSS5.9AI score0.11311EPSS
Exploits8References2
OpenVAS
OpenVAS
added 2014/10/13 12:0 a.m.45 views

Fedora Update for mantis FEDORA-2014-12165

Check the version of mantis SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.868393";...

6.5CVSS5.4AI score0.11311EPSS
Exploits10References2
OpenVAS
OpenVAS
added 2014/03/17 12:0 a.m.37 views

Fedora Update for mantis FEDORA-2014-3440

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS5.5AI score0.11311EPSS
Exploits12References2
OpenVAS
OpenVAS
added 2014/03/17 12:0 a.m.29 views

Fedora Update for mantis FEDORA-2014-3421

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.3AI score0.03141EPSS
Exploits3References2
UbuntuCve
UbuntuCve
added 2014/03/05 4:37 p.m.34 views

CVE-2014-2238

SQL injection vulnerability in the manage configuration page admconfigreport.php in MantisBT 1.2.13 through 1.2.16 allows remote authenticated administrators to execute arbitrary SQL commands via the filterconfigid parameter...

6.5CVSS6.2AI score0.11311EPSS
Exploits8References5
CVE
CVE
added 2014/03/05 3:0 p.m.69 views

CVE-2014-2238

CVE-2014-2238 is a SQL injection vulnerability in MantisBT’s admin_config_report.php used by versions 1.2.13 through 1.2.16. The issue arises in the handling of the filter_config_id parameter, enabling a remote authenticated administrator to execute arbitrary SQL commands. Multiple connected sour...

6.5CVSS6.5AI score0.11311EPSS
Exploits8References6Affected Software1
Cvelist
Cvelist
added 2014/03/05 3:0 p.m.29 views

CVE-2014-2238

SQL injection vulnerability in the manage configuration page admconfigreport.php in MantisBT 1.2.13 through 1.2.16 allows remote authenticated administrators to execute arbitrary SQL commands via the filterconfigid parameter...

6.6AI score0.11311EPSS
Exploits8References6
Rows per page
Query Builder