MantisBT Incomplete Fix Multiple SQL Injection Vulnerabilities

Bugtraq ID: 70856
Class: Input Validation Error
CVE: CVE-2014-8554
Remote: Yes
Local: No
Published: Oct 30 2014 12:00AM
Updated: Apr 13 2015 09:26PM
Credit: Edwin Gozeling and Wim Visser
Vulnerable: Mantisbt Mantisbt 1.2.17
Mantisbt Mantisbt 1.2.16
Mantisbt Mantisbt 1.2.15
Mantisbt Mantisbt 1.2.14
Mantisbt Mantisbt 1.2.13
Mantisbt Mantisbt 1.2.12
Mantisbt Mantisbt 1.2.11
Mantisbt Mantisbt 1.2.10
Mantisbt Mantisbt 1.2.9
Mantisbt Mantisbt 1.2.8
Mantisbt Mantisbt 1.2.7
Mantisbt Mantisbt 1.2.6
Mantisbt Mantisbt 1.2.4
Mantisbt Mantisbt 1.2.3
Mantisbt Mantisbt 1.1.8
Mantisbt Mantisbt 1.1.7
Mantisbt Mantisbt 1.1.5
Mantisbt Mantisbt 1.2.5
Mantisbt Mantisbt 1.2.2
Mantisbt Mantisbt 1.2.1
Mantisbt Mantisbt 1.1.9
Mantisbt Mantisbt 1.1.6
Mantisbt Mantisbt 1.1.4
Mantisbt Mantisbt 1.1.3
Mantisbt Mantisbt 1.1.2
Mantisbt Mantisbt 1.1.1
Mantisbt Mantisbt 1.1.0 A4
Debian Linux 6.0 sparc
Debian Linux 6.0 s/390
Debian Linux 6.0 powerpc
Debian Linux 6.0 mips
Debian Linux 6.0 ia-64
Debian Linux 6.0 ia-32
Debian Linux 6.0 arm
Debian Linux 6.0 amd64
Not Vulnerable: Mantisbt Mantisbt 1.2.18


 

Privacy Statement
Copyright 2010, SecurityFocus