9 matches found
EUVD-2020-20872
Malware in sbrugna...
MantisBT SQL Injection via mc_project_get_users function
In MantisBT 2.24.3, SQL Injection can occur in the parameter "access" of the mcprojectgetusers function through the API SOAP...
GHSA-49W9-82CJ-XR48 MantisBT SQL Injection via mc_project_get_users function
In MantisBT 2.24.3, SQL Injection can occur in the parameter "access" of the mcprojectgetusers function through the API SOAP...
MantisBT SQL Injection Vulnerability (CNVD-2021-01533)
MantisBT is a lightweight, free and open source, web-based defect tracking system. A SQL injection vulnerability exists in the "access" parameter of the mcprojectgetusers function in MantisBT 2.24.3. An attacker can exploit this vulnerability via API SOAP to conduct SQL injection attacks...
CVE-2020-28413
In MantisBT 2.24.3, SQL Injection can occur in the parameter "access" of the mcprojectgetusers function through the API SOAP...
CVE-2020-28413
In MantisBT 2.24.3, SQL Injection can occur in the parameter "access" of the mcprojectgetusers function through the API SOAP...
Sql injection
In MantisBT 2.24.3, SQL Injection can occur in the parameter "access" of the mcprojectgetusers function through the API SOAP...
CVE-2020-28413
CVE-2020-28413 affects MantisBT 2.24.3, where the SQL injection occurs in the parameter “access” of the mc_project_get_users function via the SOAP API. The vulnerability is triggered remotely over the network with low attack complexity, as indicated by the CVSS vectors (v3.1: AV:N/AC:L/PR:L/UI:N/...
CVE-2020-28413
In MantisBT 2.24.3, SQL Injection can occur in the parameter "access" of the mcprojectgetusers function through the API SOAP...