CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2004-1734

PHP remote file inclusion vulnerability in Mantis 0.19.0a allows remote attackers to execute arbitrary PHP code by modifying the (1) t_core_path parameter to bug_api.php or (2) t_core_dir parameter to relationship_api.php to reference a URL on a remote web server that contains the code.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.01

EPSS Ranking 76.2%

CVSS Severity

CVSS v2 Score 7.5

References

http://marc.info/?l=bugtraq&m=109313416727851&w=2
http://www.securityfocus.com/bid/10993
https://exchange.xforce.ibmcloud.com/vulnerabilities/17065
http://marc.info/?l=bugtraq&m=109313416727851&w=2
http://www.securityfocus.com/bid/10993
https://exchange.xforce.ibmcloud.com/vulnerabilities/17065

Products affected by CVE-2004-1734

Mantis » Mantis » Version: 0.19.0a

cpe:2.3:a:mantis:mantis:0.19.0a

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2004-1734

Products

Pricing

Contact Us