CVE-2002-1110
Multiple SQL injection vulnerabilities in Mantis 0.17.2 and earlier, when running without magicquotesgpc enabled, allows remote attackers to gain privileges or perform unauthorized database operations via modified form fields, e.g. to accountupdate.php...