11 matches found
Fedora Update for mantis FEDORA-2015-12010
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
MantisBT 1.3.0-beta.1 Multiple Vulnerabilities
Binary data 8907.prm...
Fedora 20 : mantis-1.2.19-1.fc20 (2015-1364)
Security fix for CVE-2014-9571, CVE-2014-9572, CVE-2014-9573 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional...
Fedora 21 : mantis-1.2.19-1.fc21 (2015-1419)
Security fix for CVE-2014-9571, CVE-2014-9572, CVE-2014-9573 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional...
Fedora Update for mantis FEDORA-2015-1419
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Multiple vulnerabilities in MantisBT
Advisory ID: HTB23243 Product: MantisBT Vendor: MantisBT Team Vulnerable Versions: 1.2.17 and probably prior Tested Version: 1.2.17 Advisory Publication: December 3, 2014 without technical details Vendor Notification: December 3, 2014 Vendor Patch: January 25, 2015 Public Disclosure: January 28,...
MantisBT 1.2.17 XSS / Improper Access Control / SQL Injection Vulnerabilities
MantisBT version 1.2.17 suffers from improper access control, cross site scripting, and remote SQL injection vulnerabilities. Product: MantisBT Vendor: MantisBT Team Vulnerable Versions: 1.2.17 and probably prior Tested Version: 1.2.17 Advisory Publication: December 3, 2014 without technical...
MantisBT 1.2.17 XSS / Improper Access Control / SQL Injection
Advisory ID: HTB23243 Product: MantisBT Vendor: MantisBT Team Vulnerable Versions: 1.2.17 and probably prior Tested Version: 1.2.17 Advisory Publication: December 3, 2014 without technical details Vendor Notification: December 3, 2014 Vendor Patch: January 25, 2015 Public Disclosure: January 28,...
CVE-2014-9573
SQL injection vulnerability in manageuserpage.php in MantisBT before 1.2.19 and 1.3.x before 1.3.0-beta.2 allows remote administrators with FILE privileges to execute arbitrary SQL commands via the MANTISMANAGEUSERSCOOKIE cookie...
CVE-2014-9573
SQL injection vulnerability in manageuserpage.php in MantisBT before 1.2.19 and 1.3.x before 1.3.0-beta.2 allows remote administrators with FILE privileges to execute arbitrary SQL commands via the MANTISMANAGEUSERSCOOKIE cookie...
CVE-2014-9573
CVE-2014-9573 is a SQL injection flaw in MantisBT: the vulnerability exists in manage_user_page.php when handling the MANTIS_MANAGE_USERS_COOKIE cookie, exploitable by remote admins with FILE privileges to run arbitrary SQL. Affected are MantisBT releases before 1.2.19 and 1.3.x before 1.3.0-beta...