MantisBT 'file_download.php' HTML Injection Vulnerability

Bugtraq ID: 71380
Class: Input Validation Error
CVE: CVE-2014-9271
Remote: Yes
Local: No
Published: Dec 01 2014 12:00AM
Updated: Jan 12 2015 12:01AM
Credit: Mathias Karlsson
Vulnerable: Mantisbt Mantisbt 1.2.9
Mantisbt Mantisbt 1.2.8
Mantisbt Mantisbt 1.2.7
Mantisbt Mantisbt 1.2.6
Mantisbt Mantisbt 1.2.4
Mantisbt Mantisbt 1.2.3
Mantisbt Mantisbt 1.1.8
Mantisbt Mantisbt 1.1.7
Mantisbt Mantisbt 1.1.5
Mantisbt Mantisbt 1.0.8
Mantisbt Mantisbt 1.0.7
Mantisbt Mantisbt 1.0.6
Mantisbt Mantisbt 1.0.2
Mantisbt Mantisbt 0.19.4
Mantisbt Mantisbt 0.19.3
Mantisbt Mantisbt 1.2.2
Mantisbt Mantisbt 1.2.1
Mantisbt Mantisbt 1.1.6
Mantisbt Mantisbt 1.1.4
Mantisbt Mantisbt 1.1.2
Mantisbt Mantisbt 1.1.1
Mantisbt Mantisbt 1.1.0
Mantisbt Mantisbt 1.0.5
Mantisbt Mantisbt 1.0.4
Mantisbt Mantisbt 1.0.3
Mantisbt Mantisbt 1.0.2
Mantisbt Mantisbt 1.0.1
Debian Linux 6.0 sparc
Debian Linux 6.0 s/390
Debian Linux 6.0 powerpc
Debian Linux 6.0 mips
Debian Linux 6.0 ia-64
Debian Linux 6.0 ia-32
Debian Linux 6.0 arm
Debian Linux 6.0 amd64
Not Vulnerable:


 

Privacy Statement
Copyright 2010, SecurityFocus