Описание
Directory traversal vulnerability in bug_actiongroup_ext_page.php in MantisBT before 1.2.8 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the action parameter, related to bug_actiongroup_page.php.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| hardy | ignored | end of life |
| lucid | ignored | end of life |
| maverick | ignored | end of life |
| natty | released | 1.1.8+dfsg-10squeeze2 |
| oneiric | released | 1.2.8-1 |
| precise | released | 1.2.8-1 |
| quantal | released | 1.2.8-1 |
| raring | released | 1.2.8-1 |
| saucy | released | 1.2.8-1 |
Показывать по
EPSS
6.8 Medium
CVSS2
Связанные уязвимости
Directory traversal vulnerability in bug_actiongroup_ext_page.php in MantisBT before 1.2.8 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the action parameter, related to bug_actiongroup_page.php.
Directory traversal vulnerability in bug_actiongroup_ext_page.php in M ...
Directory traversal vulnerability in bug_actiongroup_ext_page.php in MantisBT before 1.2.8 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the action parameter, related to bug_actiongroup_page.php.
EPSS
6.8 Medium
CVSS2