View Issue Details
ID | Project | Category | View Status | Date Submitted | Last Update |
---|---|---|---|---|---|
0017823 | mantisbt | security | public | 2014-10-30 14:06 | 2018-09-04 02:49 |
Reporter | grangeway | Assigned To | dregad | ||
Priority | normal | Severity | minor | Reproducibility | have not tried |
Status | closed | Resolution | duplicate | ||
Summary | 0017823: CVE-2014-8554 - SQL injection vulnerability in SOAP API | ||||
Description |
api/soap/mc_project_api.php | 2 +- diff --git a/api/soap/mc_project_api.php b/api/soap/mc_project_api.php Select the specific project
| ||||
Tags | No tags attached. | ||||
MantisBT: master-1.2.x 99ffb0af 2014-10-30 06:31 Details Diff |
SQL injection in mc_project_get_attachments() This is a follow-up on CVE-2014-1609 / issue 0016880. Edwin Gozeling and Wim Visser from ITsec Security Services BV (http://www.itsec.nl) discovered that the fix in 0016880 did not fully address the problem. Their research demonstrate that using a specially crafted project id parameter, an attacker could still perform an SQL injection. The same issue was also reported by Paul Richards in issue 0017823. This patch fixes the problem by typecasting the Project ID parameter to Integer. Fixes 0017812, CVE-2014-8554 |
Affected Issues 0016880, 0017812, 0017823 |
|
mod - api/soap/mc_project_api.php | Diff File | ||
MantisBT: master 5faf97ab 2014-10-30 06:31 Details Diff |
SQL injection in mc_project_get_attachments() This is a follow-up on CVE-2014-1609 / issue 0016880. Edwin Gozeling and Wim Visser from ITsec Security Services BV (http://www.itsec.nl) discovered that the fix in 0016880 did not fully address the problem. Their research demonstrate that using a specially crafted project id parameter, an attacker could still perform an SQL injection. The same issue was also reported by Paul Richards in issue 0017823. This patch fixes the problem by typecasting the Project ID parameter to Integer. Fixes 0017812, CVE-2014-8554 |
Affected Issues 0016880, 0017812, 0017823 |
|
mod - api/soap/mc_project_api.php | Diff File |