Описание
Directory traversal vulnerability in admin/upgrade_unattended.php in MantisBT before 1.2.4 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the db_type parameter, related to an unsafe call by MantisBT to a function in the ADOdb Library for PHP.
Ссылки
- ExploitPatch
- ExploitPatch
- ExploitPatch
- ExploitPatch
- ExploitPatch
- ExploitPatch
- ExploitPatch
Уязвимые конфигурации
Одно из
EPSS
5.1 Medium
CVSS2
Дефекты
Связанные уязвимости
Directory traversal vulnerability in admin/upgrade_unattended.php in MantisBT before 1.2.4 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the db_type parameter, related to an unsafe call by MantisBT to a function in the ADOdb Library for PHP.
Directory traversal vulnerability in admin/upgrade_unattended.php in M ...
Directory traversal vulnerability in admin/upgrade_unattended.php in MantisBT before 1.2.4 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the db_type parameter, related to an unsafe call by MantisBT to a function in the ADOdb Library for PHP.
EPSS
5.1 Medium
CVSS2