First published: Wed Mar 05 2014(Updated: )
SQL injection vulnerability in the manage configuration page (adm_config_report.php) in MantisBT 1.2.13 through 1.2.16 allows remote authenticated administrators to execute arbitrary SQL commands via the filter_config_id parameter.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Mantisbt Mantisbt | =1.2.13 | |
Mantisbt Mantisbt | =1.2.14 | |
Mantisbt Mantisbt | =1.2.15 | |
Mantisbt Mantisbt | =1.2.16 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.