CVE-2014-2238

MantisBT <1.2.16 - SQL Injection

Description

SQL injection vulnerability in the manage configuration page (adm_config_report.php) in MantisBT 1.2.13 through 1.2.16 allows remote authenticated administrators to execute arbitrary SQL commands via the filter_config_id parameter.

Exploits (1)

metasploit WORKING POC
by Jakub Galczyk · ruby · poc
https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/gather/mantisbt_admin_sqli.rb

Scores

EPSS 0.4535
EPSS Percentile 97.6%

Details

CWE
CWE-89
Status published
Products (4)
mantisbt/mantisbt 1.2.13
mantisbt/mantisbt 1.2.14
mantisbt/mantisbt 1.2.15
mantisbt/mantisbt 1.2.16
Published Mar 05, 2014
Tracked Since Feb 18, 2026