accept no compromises
Showing 1 - 5 of 5 RSS Feed

Files

MantisBT CMS SQL Injection / Cross Site Scripting
Posted Aug 18, 2011
Authored by Net.Edit0r

MantisBT CMS suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
MD5 | 40344d86063c641c9c26b485c9613700

Related Files

MantisBT 1.2.17 XSS / Improper Access Control / SQL Injection
Posted Jan 29, 2015
Authored by High-Tech Bridge SA | Site htbridge.com

MantisBT version 1.2.17 suffers from improper access control, cross site scripting, and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
advisories | CVE-2014-9571, CVE-2014-9572, CVE-2014-9573
MD5 | 0f926f4efcc5bff0d41478179110cb8b
Mantis BugTracker 1.2.17 XSS / DoS / Redirect
Posted Jan 5, 2015
Authored by Mathias Karlsson, Paul Richards, Alejo Popovici, Ryan Giobbi, Shahee Mirza

Mantis BugTracker version 1.2.17 suffers from denial of service, potential cross site scripting, and arbitrary redirection vulnerabilities.

tags | advisory, denial of service, arbitrary, vulnerability, xss
advisories | CVE-2014-6316, CVE-2014-8987, CVE-2014-9117
MD5 | d36912d0c9fe479d0ccf9e67dfd1fa43
MantisBT XmlImportExport Plugin PHP Code Injection
Posted Nov 18, 2014
Authored by EgiX | Site metasploit.com

This Metasploit module exploits a post-auth vulnerability found in MantisBT versions 1.2.0a3 up to 1.2.17 when the Import/Export plugin is installed. The vulnerable code exists on plugins/XmlImportExport/ImportXml.php, which receives user input through the "description" field and the "issuelink" attribute of an uploaded XML file and passes to preg_replace() function with the /e modifier. This allows a remote authenticated attacker to execute arbitrary PHP code on the remote machine.

tags | exploit, remote, arbitrary, php
advisories | CVE-2014-7146
MD5 | 3a24e0e940ae20b57789e18c70afbd73
MantisBT 1.2.16 SQL Injection
Posted Mar 2, 2014
Authored by HauntIT

MantisBT version 1.2.16 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | ae9b7f409aeaf107f0becf7b51d36ba0
MantisBT 1.2.7 Cross Site Scripting / Local File Inclusion
Posted Sep 7, 2011
Authored by High-Tech Bridge SA | Site htbridge.com

MantisBT version 1.2.7 suffers from cross site scripting and local file inclusion vulnerabilities.

tags | exploit, local, vulnerability, xss, file inclusion
MD5 | cb505d8b140e3984802b82eb616dd8c6
Page 1 of 1
Back1Next

File Archive:

July 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    2 Files
  • 2
    Jul 2nd
    3 Files
  • 3
    Jul 3rd
    15 Files
  • 4
    Jul 4th
    4 Files
  • 5
    Jul 5th
    15 Files
  • 6
    Jul 6th
    15 Files
  • 7
    Jul 7th
    10 Files
  • 8
    Jul 8th
    2 Files
  • 9
    Jul 9th
    10 Files
  • 10
    Jul 10th
    15 Files
  • 11
    Jul 11th
    15 Files
  • 12
    Jul 12th
    19 Files
  • 13
    Jul 13th
    16 Files
  • 14
    Jul 14th
    15 Files
  • 15
    Jul 15th
    3 Files
  • 16
    Jul 16th
    2 Files
  • 17
    Jul 17th
    8 Files
  • 18
    Jul 18th
    11 Files
  • 19
    Jul 19th
    15 Files
  • 20
    Jul 20th
    15 Files
  • 21
    Jul 21st
    15 Files
  • 22
    Jul 22nd
    7 Files
  • 23
    Jul 23rd
    2 Files
  • 24
    Jul 24th
    19 Files
  • 25
    Jul 25th
    28 Files
  • 26
    Jul 26th
    2 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close