Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.5
CVSSv2

CVE-2014-7146

Published: 18/11/2014 Updated: 08/09/2017
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
VMScore: 760
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Subscribe to Mantisbt

Vulnerability Summary

The XmlImportExport plugin in MantisBT 1.2.17 and previous versions allows remote malicious users to execute arbitrary PHP code via a crafted (1) description field or (2) issuelink attribute in an XML file, which is not properly handled when executing the preg_replace function with the e modifier.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

mantisbt mantisbt 1.2.17

Vendor Advisories

Debian Security Advisories: DSA-3120-1 mantis -- security update
Multiple security issues have been found in the Mantis bug tracking system, which may result in phishing, information disclosure, CAPTCHA bypass, SQL injection, cross-site scripting or the execution of arbitrary PHP code For the stable distribution (wheezy), these problems have been fixed in version 1218-1 We recommend that you upgrade your man ...

Exploits

Exploit DB: Mantis Bug Tracker 1.2.17 PHP Code Injection
Mantis Bug Tracker versions 120 through 1217 suffer from a PHP code injection vulnerability ...
Exploit DB: Mantis Bug Tracker 1.2.0a3 < 1.2.17 XmlImportExport Plugin - PHP Code Injection (Metasploit) (1)
## # This module requires Metasploit: metasploitcom/download # Current source: githubcom/rapid7/metasploit-framework ## require 'msf/core' class MetasploitModule &lt; Msf::Exploit::Remote Rank = GreatRanking include Msf::Exploit::Remote::HttpClient include REXML def initialize(info = {}) super(update_info(info, ...
Exploit DB: Mantis Bug Tracker 1.2.0a3 < 1.2.17 XmlImportExport Plugin - PHP Code Injection (Metasploit) (2)
## # This module requires Metasploit: metasploitcom/download # Current source: githubcom/rapid7/metasploit-framework ## require 'msf/core' class Metasploit3 &lt; Msf::Exploit::Remote Rank = GreatRanking include Msf::Exploit::Remote::HttpClient def initialize(info = {}) super(update_info(info, 'Name' =& ...

References

CWE-20http://seclists.org/oss-sec/2014/q4/576https://github.com/mantisbt/mantisbt/commit/bed19db9http://www.mantisbt.org/bugs/view.php?id=17725http://www.securityfocus.com/bid/70993https://github.com/mantisbt/mantisbt/commit/84017535http://www.debian.org/security/2015/dsa-3120http://secunia.com/advisories/62101https://exchange.xforce.ibmcloud.com/vulnerabilities/98572https://nvd.nist.govhttps://www.debian.org/security/./dsa-3120https://www.exploit-db.com/exploits/41685/
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48693CVE-2024-30851CVE-2024-34460CVE-2024-2887localCVE-2024-27956remote code executionCVE-2024-34475privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook