7.5

CVE-2002-1113

Exploit
summary_graph_functions.php in Mantis 0.17.3 and earlier allows remote attackers to execute arbitrary PHP code by modifying the g_jpgraph_path parameter to reference the location of the PHP code.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
MantisMantis Version0.15.3
MantisMantis Version0.15.4
MantisMantis Version0.15.5
MantisMantis Version0.15.6
MantisMantis Version0.15.7
MantisMantis Version0.15.8
MantisMantis Version0.15.9
MantisMantis Version0.15.10
MantisMantis Version0.15.11
MantisMantis Version0.15.12
MantisMantis Version0.16.0
MantisMantis Version0.16.1
MantisMantis Version0.17.0
MantisMantis Version0.17.1
MantisMantis Version0.17.2
MantisMantis Version0.17.3
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 3.27% 0.868
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 10 6.4
AV:N/AC:L/Au:N/C:P/I:P/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://www.debian.org/security/2002/dsa-153
Patch
Vendor Advisory
http://marc.info/?l=bugtraq&m=102927873301965&w=2
http://marc.info/?l=bugtraq&m=102978924821040&w=2
http://www.osvdb.org/4858
http://www.securityfocus.com/bid/5504
Patch
Vendor Advisory
Exploit
https://exchange.xforce.ibmcloud.com/vulnerabilities/9829