CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS
Percentile
83.0%
The remote web server is hosting MantisBT, an open source bug tracking application written in PHP.
Versions of MantisBT 1.1.0 prior to 1.2.16 are potentially affected by multiple vulnerabilities :
A cross-site scripting vulnerability exists because the application does not validate the ‘project_id’ parameter upon submission to the ‘account_sponsor_page.php’ script. This may allow a malicious user with ‘project manager’ access to execute arbitrary script code within the browser / server trust relationship with a specially crafted request. (CVE-2013-4460)
A SQL injection vulnerability exists due to the ‘db_query()’ function not properly sanitizing user-supplied input passed via a ‘mc_issue_attachment_get’ SOAP request. This may allow an authenticated remote attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data. This issue affects version 1.1.0a4 or later. (CVE-2014-1608)
Multiple SQL injection flaws exist in ‘core/news_api.php’, ‘core/summary_api.php’, ‘plugins/MantisGraph/core/graph_api.php’, ‘api/soap/mc_project_api.php’, and ‘proj_doc_page.php’ pages. This could allow a remote attacker to inject or manipulate SQL queries, allowing for the manipulation or disclosure of arbitrary data. This issue only affects versions 1.2.0 - 1.2.15. (CVE-2014-1609)
Binary data 8900.prm