CVE-2015-5059: CVE-2015-5059

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2015-5059

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

The "Project Documentation" feature in MantisBT 1.2.19 and earlier, when the threshold to access files ($g_view_proj_doc_threshold) is set to ANYBODY, allows remote authenticated users to download attachments linked to arbitrary private projects via a file id number in the file_id parameter to file_download.php.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

MantisBT 信息泄露漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

MantisBT是MantisBT团队的一套基于Web的开源缺陷跟踪系统。该系统以Web操作的形式提供项目管理及缺陷跟踪服务。 MantisBT 1.2.19及之前的版本中的Project Documentation功能存在安全漏洞。远程攻击者可通过向file_download.php发送带有文件id编号的‘file_id’参数利用该漏洞下载链接到任意私人项目的附件。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2015-5059

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2015-5059

Please Login to view more intelligence information

https://github.com/mantisbt/mantisbt/commit/a4be76d6e5c4939545d84712c79d3f8f4a108c4fx_refsource_CONFIRM
https://github.com/mantisbt/mantisbt/commit/f39cf5251953b468e9d921e1cf2aca3abdb00772x_refsource_CONFIRM
https://bugzilla.redhat.com/show_bug.cgi?id=1237199x_refsource_CONFIRM
http://www.securityfocus.com/bid/75414vdb-entryx_refsource_BID
http://lists.fedoraproject.org/pipermail/package-announce/2015-August/163191.htmlvendor-advisoryx_refsource_FEDORA
http://www.openwall.com/lists/oss-security/2015/06/25/3mailing-listx_refsource_MLIST
http://www.openwall.com/lists/oss-security/2015/06/25/4mailing-listx_refsource_MLIST
https://nvd.nist.gov/vuln/detail/CVE-2015-5059

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2015-5059

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

I. Basic Information for CVE-2015-5059

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2015-5059

III. Intelligence Information for CVE-2015-5059

IV. Related Vulnerabilities

V. Comments for CVE-2015-5059

Leave a comment