MantisBT <=1.2.3 (db_type) Local File Inclusion Vulnerability Network Vulnerability

Summary

Mantis is prone to a local file-include vulnerability because it fails to properly sanitize user supplied input. Input passed thru the 'db_type' parameter (GET & POST) to upgrade_unattended.php script is not properly verified before being used to include files. Mantis is also prone to a cross-site scripting attack.

References

http://www.mantisbt.org/bugs/view.php?id=12607
http://www.zeroscience.mk/en/vulnerabilities/ZSL-2010-4984.php

Updated on 2015-03-25

Severity

Classification

CVSS	Base Score: 5.1 AV:N/AC:H/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Adiscon LogAnalyzer 'highlight' Parameter Cross Site Scripting Vulnerability
Apache Struts Showcase Multiple Persistence Cross-Site Scripting Vulnerabilities
Apache ActiveMQ Multiple Vulnerabilities
Adobe BlazeDS XML and XML External Entity Injection Vulnerabilities
Apache Archiva Home Page Cross-Site Scripting vulnerability

Take action and discover your vulnerabilities