Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
manage_user_page.php in Mantis 1.00rc4 and earlier does not properly handle a sort parameter containing a ' (quote) character, which allows remote attackers to trigger a SQL error that may be repeatedly reported to a user who makes subsequent web accesses with the MANTIS_MANAGE_COOKIE cookie. NOTE: this issue might be the same as vector 2 in CVE-2005-4519.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Mantis多个输入验证漏洞
Vulnerability Description
Mantis 1.00rc4及之前版本的manage_user_page.php没有正确处理包含'(引用)字符的sort参数,从而可使远程攻击者触发SQL错误,系统会反复向使用MANTIS_MANAGE_COOKIE cookie进行后续web访问的用户报告这个错误。
CVSS Information
N/A
Vulnerability Type
N/A