exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 4

CVE-2014-7146

около 11 лет назад

The XmlImportExport plugin in MantisBT 1.2.17 and earlier allows remote attackers to execute arbitrary PHP code via a crafted (1) description field or (2) issuelink attribute in an XML file, which is not properly handled when executing the preg_replace function with the e modifier.

CVSS2: 7.5

EPSS: Высокий

CVE-2014-7146

около 11 лет назад

The XmlImportExport plugin in MantisBT 1.2.17 and earlier allows remote attackers to execute arbitrary PHP code via a crafted (1) description field or (2) issuelink attribute in an XML file, which is not properly handled when executing the preg_replace function with the e modifier.

CVSS2: 7.5

EPSS: Высокий

CVE-2014-7146

около 11 лет назад

The XmlImportExport plugin in MantisBT 1.2.17 and earlier allows remot ...

CVSS2: 7.5

EPSS: Высокий

GHSA-7fwg-rf8j-m3gv

больше 3 лет назад

The XmlImportExport plugin in MantisBT 1.2.17 and earlier allows remote attackers to execute arbitrary PHP code via a crafted (1) description field or (2) issuelink attribute in an XML file, which is not properly handled when executing the preg_replace function with the e modifier.

EPSS: Высокий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2014-7146 The XmlImportExport plugin in MantisBT 1.2.17 and earlier allows remote attackers to execute arbitrary PHP code via a crafted (1) description field or (2) issuelink attribute in an XML file, which is not properly handled when executing the preg_replace function with the e modifier.	CVSS2: 7.5	80% Высокий	около 11 лет назад
CVE-2014-7146 The XmlImportExport plugin in MantisBT 1.2.17 and earlier allows remote attackers to execute arbitrary PHP code via a crafted (1) description field or (2) issuelink attribute in an XML file, which is not properly handled when executing the preg_replace function with the e modifier.	CVSS2: 7.5	80% Высокий	около 11 лет назад
CVE-2014-7146 The XmlImportExport plugin in MantisBT 1.2.17 and earlier allows remot ...	CVSS2: 7.5	80% Высокий	около 11 лет назад
GHSA-7fwg-rf8j-m3gv The XmlImportExport plugin in MantisBT 1.2.17 and earlier allows remote attackers to execute arbitrary PHP code via a crafted (1) description field or (2) issuelink attribute in an XML file, which is not properly handled when executing the preg_replace function with the e modifier.		80% Высокий	больше 3 лет назад

Уязвимостей на страницу