MantisBT 'mc_issue_attachment_get' SOAP API SQL Injection Vulnerability

Bugtraq ID: 65445
Class: Input Validation Error
CVE: CVE-2014-1608
Remote: Yes
Local: No
Published: Jan 24 2014 12:00AM
Updated: Sep 22 2014 06:19PM
Credit: Martin Herfurt
Vulnerable: Mantisbt Mantisbt 1.2.9
Mantisbt Mantisbt 1.2.8
Mantisbt Mantisbt 1.2.7
Mantisbt Mantisbt 1.2.6
Mantisbt Mantisbt 1.2.4
Mantisbt Mantisbt 1.2.3
Mantisbt Mantisbt 1.1.8
Mantisbt Mantisbt 1.1.7
Mantisbt Mantisbt 1.1.5
Mantisbt Mantisbt 1.2.2
Mantisbt Mantisbt 1.2.1
Mantisbt Mantisbt 1.1.6
Mantisbt Mantisbt 1.1.4
Mantisbt Mantisbt 1.1.2
Mantisbt Mantisbt 1.1.1
Debian Linux 6.0 sparc
Debian Linux 6.0 s/390
Debian Linux 6.0 powerpc
Debian Linux 6.0 mips
Debian Linux 6.0 ia-64
Debian Linux 6.0 ia-32
Debian Linux 6.0 arm
Debian Linux 6.0 amd64
Not Vulnerable:


 

Privacy Statement
Copyright 2010, SecurityFocus