exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 2 of 2 RSS Feed

CVE-2014-9117

Status Candidate

Overview

MantisBT before 1.2.18 uses the public_key parameter value as the key to the CAPTCHA answer, which allows remote attackers to bypass the CAPTCHA protection mechanism by leveraging knowledge of a CAPTCHA answer for a public_key parameter value, as demonstrated by E4652 for the public_key value 0.

Related Files

Debian Security Advisory 3120-1
Posted Jan 7, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3120-1 - Multiple security issues have been found in the Mantis bug tracking system, which may result in phishing, information disclosure, CAPTCHA bypass, SQL injection, cross-site scripting or the execution of arbitrary PHP code.

tags | advisory, arbitrary, php, xss, sql injection, info disclosure
systems | linux, debian
advisories | CVE-2014-6316, CVE-2014-7146, CVE-2014-8553, CVE-2014-8554, CVE-2014-8598, CVE-2014-8986, CVE-2014-8988, CVE-2014-9089, CVE-2014-9117, CVE-2014-9269, CVE-2014-9270, CVE-2014-9271, CVE-2014-9272, CVE-2014-9280, CVE-2014-9281, CVE-2014-9388
SHA-256 | 8b72c564f64e337de7047ae5659136032afcdbff013f3cec70d686cb7d778df9
Download | Favorite | View
Mantis BugTracker 1.2.17 XSS / DoS / Redirect
Posted Jan 5, 2015
Authored by Mathias Karlsson, Paul Richards, Alejo Popovici, Ryan Giobbi, Shahee Mirza

Mantis BugTracker version 1.2.17 suffers from denial of service, potential cross site scripting, and arbitrary redirection vulnerabilities.

tags | advisory, denial of service, arbitrary, vulnerability, xss
advisories | CVE-2014-6316, CVE-2014-8987, CVE-2014-9117
SHA-256 | 73dc034d9a5622082847c13fa1d43e825d41a1ee7d9873124267bbb560c947f2
Download | Favorite | View
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    69 Files
  • 14
    Nov 14th
    9 Files
  • 15
    Nov 15th
    0 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Site Links
News by Month
News Tags
Files by Month
File Tags
File Directory
About Us
History & Purpose
Contact Information
Terms of Service
Privacy Statement
Copyright Information
Services
Security Services
Hosting By
Rokasec
close