MantisBT: master-1.2.x 7efe0175

Author: Paul Richards
Committer: dregad
Branch: master-1.2.x
Timestamp: 2014-01-17 11:24
Parent: master-1.2.x 00b4c170
Affected Issues: 0016880: CVE-2014-1609: SQL injection vulnerabilities
Changeset

Fix CVE-2014-1609: SQL injection vulnerabilities

Additional cases of db_query() instead of db_query_bound() usage,
potentially allowing SQL injection attacks due to unsanitized use of
parameters within the query.

This includes vboctor's 2 comments.

Fixes 0016880

Signed-off-by: Damien Regad dregad@mantisbt.org

Conflicts:
admin/db_stats.php
plugins/MantisGraph/pages/bug_graph_bycategory.php
plugins/MantisGraph/pages/bug_graph_bystatus.php
proj_doc_page.php
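The commit message contrasts db_query() (query text assembled from raw parameters) with db_query_bound() (placeholders with values passed separately). The following stand-alone script is an added illustration of that difference, not MantisBT code and not from this changeset: it models the two call styles with plain PDO against an in-memory SQLite table whose rows are constructed here. The value "O'Brien" is an ordinary category name, not an attack; it is enough to show that in the unbound form user input reaches the SQL parser as SQL, while the bound form treats it purely as data. In MantisBT 1.2.x itself the bound form is db_query_bound( $query, $params ) with db_param() placeholders, which this page names but does not show.

```php
<?php
// Added example (not MantisBT code). Requires PHP with the pdo_sqlite
// extension; the table and rows below are constructed for the demonstration.

function open_demo_db(): PDO {
    $db = new PDO('sqlite::memory:');
    $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $db->exec('CREATE TABLE bug (id INTEGER PRIMARY KEY, category TEXT, summary TEXT)');
    // Note the doubled quote: that is how SQL itself escapes an apostrophe.
    $db->exec("INSERT INTO bug (category, summary) VALUES ('Core', 'first'), ('O''Brien', 'second')");
    return $db;
}

// Unsafe pattern, as in the db_query() call sites this commit replaced:
// the parameter is spliced straight into the SQL string.
function count_by_category_unbound(PDO $db, string $category): int {
    $sql = "SELECT COUNT(*) FROM bug WHERE category = '" . $category . "'";
    return (int)$db->query($sql)->fetchColumn();
}

// Safe pattern, as in db_query_bound(): a placeholder in the SQL text and the
// value handed to the driver separately, so it can never change the statement.
function count_by_category_bound(PDO $db, string $category): int {
    $stmt = $db->prepare('SELECT COUNT(*) FROM bug WHERE category = ?');
    $stmt->execute([$category]);
    return (int)$stmt->fetchColumn();
}

$db = open_demo_db();
foreach (['Core', "O'Brien"] as $input) {
    try {
        printf("unbound %-8s -> %d\n", $input, count_by_category_unbound($db, $input));
    } catch (PDOException $e) {
        // The apostrophe terminated the string literal early: the input was parsed as SQL.
        printf("unbound %-8s -> SQL error (input interpreted as SQL)\n", $input);
    }
    printf("bound   %-8s -> %d\n", $input, count_by_category_bound($db, $input));
}
```

Run it with `php demo.php`. The unbound call succeeds for "Core" and fails with a syntax error for "O'Brien", which is the symptom to look for when auditing remaining db_query() call sites: any parameter that can carry a quote can alter the statement. The bound call returns 1 for both inputs.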

mod - admin/db_stats.php
mod - api/soap/mc_project_api.php
mod - core/news_api.php
mod - core/summary_api.php
mod - plugins/MantisGraph/core/graph_api.php
mod - plugins/MantisGraph/pages/bug_graph_bycategory.php
mod - plugins/MantisGraph/pages/bug_graph_bystatus.php
mod - proj_doc_page.php