|
Mantis Account Update SQL Injection Vulnerability
Solution: The vendor has included a source code fix. This issue may be addressed by inserting the following lines into account_update.php somewhere in a PHP block prior to where the SQL queries are executed: $f_username = addslashes($f_username); $f_email = addslashes($f_email); This vulnerability has been patched: Mantis Mantis 0.15.10
Mantis Mantis 0.15.11
Mantis Mantis 0.15.12
Mantis Mantis 0.15.3
Mantis Mantis 0.15.4
Mantis Mantis 0.15.5
Mantis Mantis 0.15.6
Mantis Mantis 0.15.7
Mantis Mantis 0.15.8
Mantis Mantis 0.15.9
Mantis Mantis 0.16 .0
Mantis Mantis 0.16.1
Mantis Mantis 0.17 .0
Mantis Mantis 0.17.1
Mantis Mantis 0.17.2
|
|
 Privacy Statement |
