← Back

CVE-2002-1110

nvd nist
Published: Oct 4, 2002Modified: Apr 16, 2026

JSON object

Loading...
10.0
Vector
AV:N/AC:L/Au:N/C:C/I:C/A:C
Exploitability: 10.0 / Impact: 10.0
Source: NVD

Description

Multiple SQL injection vulnerabilities in Mantis 0.17.2 and earlier, when running without magic_quotes_gpc enabled, allows remote attackers to gain privileges or perform unauthorized database operations via modified form fields, e.g. to account_update.php.

Affected (15)

Products: Mantis: Mantis
Mantis
1 product
Mantis
Configuration A
15 vulnerable
Vulnerable SoftwareAffected Versions
Mantis
Mantis
Version 0.15.10
Mantis
Version 0.15.11
Mantis
Version 0.15.12
Mantis
Version 0.15.3
Mantis
Version 0.15.4
Mantis
Version 0.15.5
Mantis
Version 0.15.6
Mantis
Version 0.15.7
Mantis
Version 0.15.8
Mantis
Version 0.15.9
Mantis
Version 0.16.0
Mantis
Version 0.16.1
Mantis
Version 0.17.0
Mantis
Version 0.17.1
Mantis
Version 0.17.2

References (10)

Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
PatchVendor Advisory
Source: cve@mitre.org
Source: cve@mitre.org
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory

Timeline

No history available yet.