View Issue Details
ID | Project | Category | View Status | Date Submitted | Last Update |
---|---|---|---|---|---|
0006490 | mantisbt | security | public | 2005-12-11 21:41 | 2006-10-09 11:55 |
Reporter | thraxisp | Assigned To | thraxisp | ||
Priority | normal | Severity | minor | Reproducibility | always |
Status | closed | Resolution | fixed | ||
Product Version | git trunk | ||||
Fixed in Version | 1.1.0a1 | ||||
Summary | 0006490: Port Injection Vulnerabilities in Filters (TKADV2005-11-002) | ||||
Description | From Tobias Klein (tk at trapkit.de) [1] SQL Injection Possible damage: Critical HTTP method: GET Vulnerability description: Mantis is prone to a SQL injection vulnerability. This issue is Successful exploitation could result in a compromise of the Vulnerable URL:
Proof of Concept: [path_to_mantis]/view_all_set.php?sort=priority' plus I came across several security related problems in the latest version of /view_all_set.php: GET: ?type=1&show_resolution=[XSS] GET: ?type=1&highlight_changed=[XSS] | ||||
Tags | No tags attached. | ||||