CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2014-1609

Multiple SQL injection vulnerabilities in MantisBT before 1.2.16 allow remote attackers to execute arbitrary SQL commands via unspecified parameters to the (1) mc_project_get_attachments function in api/soap/mc_project_api.php; the (2) news_get_limited_rows function in core/news_api.php; the (3) summary_print_by_enum, (4) summary_print_by_age, (5) summary_print_by_developer, (6) summary_print_by_reporter, or (7) summary_print_by_category function in core/summary_api.php; the (8) create_bug_enum_summary or (9) enum_bug_group function in plugins/MantisGraph/core/graph_api.php; (10) bug_graph_bycategory.php or (11) bug_graph_bystatus.php in plugins/MantisGraph/pages/; or (12) proj_doc_page.php, related to use of the db_query function, a different vulnerability than CVE-2014-1608.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.006

EPSS Ranking 67.0%

CVSS Severity

CVSS v2 Score 7.5

References

Products affected by CVE-2014-1609

Mantisbt » Mantisbt » Version: N/A

cpe:2.3:a:mantisbt:mantisbt:-
Mantisbt » Mantisbt » Version: 0.18.0

cpe:2.3:a:mantisbt:mantisbt:0.18.0
Mantisbt » Mantisbt » Version: 0.19.0

cpe:2.3:a:mantisbt:mantisbt:0.19.0
Mantisbt » Mantisbt » Version: 0.19.1

cpe:2.3:a:mantisbt:mantisbt:0.19.1
Mantisbt » Mantisbt » Version: 0.19.2

cpe:2.3:a:mantisbt:mantisbt:0.19.2
Mantisbt » Mantisbt » Version: 0.19.3

cpe:2.3:a:mantisbt:mantisbt:0.19.3
Mantisbt » Mantisbt » Version: 0.19.4

cpe:2.3:a:mantisbt:mantisbt:0.19.4
Mantisbt » Mantisbt » Version: 0.19.5

cpe:2.3:a:mantisbt:mantisbt:0.19.5
Mantisbt » Mantisbt » Version: 1.0.0

cpe:2.3:a:mantisbt:mantisbt:1.0.0
Mantisbt » Mantisbt » Version: 1.0.1

cpe:2.3:a:mantisbt:mantisbt:1.0.1
Mantisbt » Mantisbt » Version: 1.0.2

cpe:2.3:a:mantisbt:mantisbt:1.0.2
Mantisbt » Mantisbt » Version: 1.0.3

cpe:2.3:a:mantisbt:mantisbt:1.0.3
Mantisbt » Mantisbt » Version: 1.0.4

cpe:2.3:a:mantisbt:mantisbt:1.0.4
Mantisbt » Mantisbt » Version: 1.0.5

cpe:2.3:a:mantisbt:mantisbt:1.0.5
Mantisbt » Mantisbt » Version: 1.0.6

cpe:2.3:a:mantisbt:mantisbt:1.0.6
Mantisbt » Mantisbt » Version: 1.0.7

cpe:2.3:a:mantisbt:mantisbt:1.0.7
Mantisbt » Mantisbt » Version: 1.0.8

cpe:2.3:a:mantisbt:mantisbt:1.0.8
Mantisbt » Mantisbt » Version: 1.0.9

cpe:2.3:a:mantisbt:mantisbt:1.0.9
Mantisbt » Mantisbt » Version: 1.1.0

cpe:2.3:a:mantisbt:mantisbt:1.1.0
Mantisbt » Mantisbt » Version: 1.1.1

cpe:2.3:a:mantisbt:mantisbt:1.1.1
Mantisbt » Mantisbt » Version: 1.1.2

cpe:2.3:a:mantisbt:mantisbt:1.1.2
Mantisbt » Mantisbt » Version: 1.1.3

cpe:2.3:a:mantisbt:mantisbt:1.1.3
Mantisbt » Mantisbt » Version: 1.1.4

cpe:2.3:a:mantisbt:mantisbt:1.1.4
Mantisbt » Mantisbt » Version: 1.1.5

cpe:2.3:a:mantisbt:mantisbt:1.1.5
Mantisbt » Mantisbt » Version: 1.1.6

cpe:2.3:a:mantisbt:mantisbt:1.1.6
Mantisbt » Mantisbt » Version: 1.1.7

cpe:2.3:a:mantisbt:mantisbt:1.1.7
Mantisbt » Mantisbt » Version: 1.1.8

cpe:2.3:a:mantisbt:mantisbt:1.1.8
Mantisbt » Mantisbt » Version: 1.1.9

cpe:2.3:a:mantisbt:mantisbt:1.1.9
Mantisbt » Mantisbt » Version: 1.2.0

cpe:2.3:a:mantisbt:mantisbt:1.2.0
Mantisbt » Mantisbt » Version: 1.2.1

cpe:2.3:a:mantisbt:mantisbt:1.2.1
Mantisbt » Mantisbt » Version: 1.2.10

cpe:2.3:a:mantisbt:mantisbt:1.2.10
Mantisbt » Mantisbt » Version: 1.2.11

cpe:2.3:a:mantisbt:mantisbt:1.2.11
Mantisbt » Mantisbt » Version: 1.2.12

cpe:2.3:a:mantisbt:mantisbt:1.2.12
Mantisbt » Mantisbt » Version: 1.2.13

cpe:2.3:a:mantisbt:mantisbt:1.2.13
Mantisbt » Mantisbt » Version: 1.2.14

cpe:2.3:a:mantisbt:mantisbt:1.2.14
Mantisbt » Mantisbt » Version: 1.2.15

cpe:2.3:a:mantisbt:mantisbt:1.2.15
Mantisbt » Mantisbt » Version: 1.2.2

cpe:2.3:a:mantisbt:mantisbt:1.2.2
Mantisbt » Mantisbt » Version: 1.2.3

cpe:2.3:a:mantisbt:mantisbt:1.2.3
Mantisbt » Mantisbt » Version: 1.2.4

cpe:2.3:a:mantisbt:mantisbt:1.2.4
Mantisbt » Mantisbt » Version: 1.2.5

cpe:2.3:a:mantisbt:mantisbt:1.2.5
Mantisbt » Mantisbt » Version: 1.2.6

cpe:2.3:a:mantisbt:mantisbt:1.2.6
Mantisbt » Mantisbt » Version: 1.2.7

cpe:2.3:a:mantisbt:mantisbt:1.2.7
Mantisbt » Mantisbt » Version: 1.2.8

cpe:2.3:a:mantisbt:mantisbt:1.2.8
Mantisbt » Mantisbt » Version: 1.2.9

cpe:2.3:a:mantisbt:mantisbt:1.2.9
Debian » Debian Linux » Version: 7.0

cpe:2.3:o:debian:debian_linux:7.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2014-1609

Products

Pricing

Contact Us