exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 4

CVE-2014-6316

около 11 лет назад

core/string_api.php in MantisBT before 1.2.18 does not properly categorize URLs when running under the web root, which allows remote attackers to conduct open redirect and phishing attacks via a crafted URL in the return parameter to login_page.php.

CVSS2: 5.8

EPSS: Низкий

CVE-2014-6316

около 11 лет назад

core/string_api.php in MantisBT before 1.2.18 does not properly categorize URLs when running under the web root, which allows remote attackers to conduct open redirect and phishing attacks via a crafted URL in the return parameter to login_page.php.

CVSS2: 5.8

EPSS: Низкий

CVE-2014-6316

около 11 лет назад

core/string_api.php in MantisBT before 1.2.18 does not properly catego ...

CVSS2: 5.8

EPSS: Низкий

GHSA-gr3x-2r26-g8jg

больше 3 лет назад

core/string_api.php in MantisBT before 1.2.18 does not properly categorize URLs when running under the web root, which allows remote attackers to conduct open redirect and phishing attacks via a crafted URL in the return parameter to login_page.php.

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2014-6316 core/string_api.php in MantisBT before 1.2.18 does not properly categorize URLs when running under the web root, which allows remote attackers to conduct open redirect and phishing attacks via a crafted URL in the return parameter to login_page.php.	CVSS2: 5.8	1% Низкий	около 11 лет назад
CVE-2014-6316 core/string_api.php in MantisBT before 1.2.18 does not properly categorize URLs when running under the web root, which allows remote attackers to conduct open redirect and phishing attacks via a crafted URL in the return parameter to login_page.php.	CVSS2: 5.8	1% Низкий	около 11 лет назад
CVE-2014-6316 core/string_api.php in MantisBT before 1.2.18 does not properly catego ...	CVSS2: 5.8	1% Низкий	около 11 лет назад
GHSA-gr3x-2r26-g8jg core/string_api.php in MantisBT before 1.2.18 does not properly categorize URLs when running under the web root, which allows remote attackers to conduct open redirect and phishing attacks via a crafted URL in the return parameter to login_page.php.		1% Низкий	больше 3 лет назад

Уязвимостей на страницу