Test ID:	1.3.6.1.4.1.25623.1.0.100947
Category:	Web application abuses
Title:	MantisBT <= 1.2.3 (db_type) Local File Inclusion Vulnerability
Summary:	MantisBT is prone to a local file-include vulnerability because it fails; to properly sanitize user supplied input. MantisBT is also prone to a cross-site scripting (XSS) attack.
Description:	Summary: MantisBT is prone to a local file-include vulnerability because it fails to properly sanitize user supplied input. MantisBT is also prone to a cross-site scripting (XSS) attack. Vulnerability Insight: Input passed through the 'db_type' parameter (GET & POST) to upgrade_unattended.php script is not properly verified before being used to include files. Solution: No known solution was made available for at least one year since the disclosure of this vulnerability. Likely none will be provided anymore. General solution options are to upgrade to a newer release, disable respective features, remove the product or replace the product by another one. CVSS Score: 5.1 CVSS Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2010-4348 42772 http://secunia.com/advisories/42772 51199 http://secunia.com/advisories/51199 ADV-2011-0002 http://www.vupen.com/english/advisories/2011/0002 FEDORA-2010-19070 http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052721.html FEDORA-2010-19078 http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052730.html GLSA-201211-01 http://security.gentoo.org/glsa/glsa-201211-01.xml [oss-security] 20101215 CVE request: MantisBT <=1.2.3 (db_type) Cross-Site Scripting & Path Disclosure Vulnerability http://openwall.com/lists/oss-security/2010/12/15/4 [oss-security] 20101216 Re: CVE request: MantisBT <=1.2.3 (db_type) Cross-Site Scripting & Path Disclosure Vulnerability http://openwall.com/lists/oss-security/2010/12/16/1 http://www.mantisbt.org/blog/?p=123 http://www.mantisbt.org/bugs/changelog_page.php?version_id=112 http://www.mantisbt.org/bugs/view.php?id=12607 http://www.zeroscience.mk/en/vulnerabilities/ZSL-2010-4983.php https://bugzilla.redhat.com/show_bug.cgi?id=663230 Common Vulnerability Exposure (CVE) ID: CVE-2010-4349 mantisbt-dbtype-path-disclosure(64463) https://exchange.xforce.ibmcloud.com/vulnerabilities/64463 Common Vulnerability Exposure (CVE) ID: CVE-2010-4350 [oss-security] 20101215 CVE request: MantisBT <=1.2.3 (db_type) Local File Inclusion Vulnerability http://openwall.com/lists/oss-security/2010/12/15/5 [oss-security] 20101216 Re: CVE request: MantisBT <=1.2.3 (db_type) Local File Inclusion Vulnerability http://openwall.com/lists/oss-security/2010/12/16/2 http://www.zeroscience.mk/en/vulnerabilities/ZSL-2010-4984.php
Copyright	Copyright (C) 2010 Greenbone Networks GmbH

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.