CVE-2014-9573

SQL injection vulnerability in manage_user_page.php in MantisBT before 1.2.19 and 1.3.x before 1.3.0-beta.2 allows remote administrators with FILE privileges to execute arbitrary SQL commands via the MANTIS_MANAGE_USERS_COOKIE cookie.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:mantisbt:mantisbt:*:*:*:*:*:*:*:*
cpe:2.3:a:mantisbt:mantisbt:1.3.0:beta1:*:*:*:*:*:*

Information

Published : 2015-01-26 07:59

Updated : 2017-09-07 18:29


NVD link : CVE-2014-9573

Mitre link : CVE-2014-9573


JSON object : View

CWE
CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Advertisement

dedicated server usa

Products Affected

mantisbt

  • mantisbt