admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-29 05:56:59 +00:00
Code Issues Packages Projects Releases Wiki Activity
cvelist/2018/6xxx/CVE-2018-6382.json

67 lines
2.2 KiB
JSON
Raw Normal View History

- Synchronized data.
2018-01-29 12:02:51 -05:00
{
"-Synchronized-Data."
2019-03-17 22:48:05 +00:00
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-6382",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
- Synchronized data.
2018-01-30 01:02:35 -05:00
{
"-Synchronized-Data."
2019-03-17 22:48:05 +00:00
"lang": "eng",
"value": "** DISPUTED ** MantisBT 2.10.0 allows local users to conduct SQL Injection attacks via the vendor/adodb/adodb-php/server.php sql parameter in a request to the 127.0.0.1 IP address. NOTE: the vendor disputes the significance of this report because server.php is intended to execute arbitrary SQL statements on behalf of authenticated users from 127.0.0.1, and the issue does not have an authentication bypass."
- Synchronized data.
2018-01-30 01:02:35 -05:00
}
"-Synchronized-Data."
2019-03-17 22:48:05 +00:00
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://archive.is/https:/mantisbt.org/bugs/view.php?id=23908",
"refsource": "MISC",
"url": "http://archive.is/https:/mantisbt.org/bugs/view.php?id=23908"
},
{
"name": "https://mantisbt.org/bugs/view.php?id=23908",
"refsource": "MISC",
"url": "https://mantisbt.org/bugs/view.php?id=23908"
}
]
}
}
Reference in New Issue Copy Permalink