1. CVE-Search
  2. CVE-2005-3336
ID CVE-2005-3336
Summary SQL injection vulnerability in Mantis 1.0.0RC2 and 0.19.2 allows remote attackers to execute arbitrary SQL commands via unknown vectors.
References
Vulnerable Configurations
  • cpe:2.3:a:mantis:mantis:0.19.2:*:*:*:*:*:*:*
    cpe:2.3:a:mantis:mantis:0.19.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mantis:mantis:1.0.0_rc2:*:*:*:*:*:*:*
    cpe:2.3:a:mantis:mantis:1.0.0_rc2:*:*:*:*:*:*:*
CVSS
Base: 7.5 (as of 08-03-2011 - 02:26)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:P/A:P
refmap via4
bid 15227
confirm
debian DSA-905
gentoo GLSA-200510-24
osvdb 20324
secunia
  • 16506
  • 16818
  • 17362
  • 17654
vupen ADV-2005-2221
Last major update 08-03-2011 - 02:26
Published 27-10-2005 - 10:02
Last modified 08-03-2011 - 02:26
Back to Top