Language:
https://mantisbt.org/blog/archives/mantisbt/301
https://www.mantisbt.org/bugs/changelog_page.php?version_id=191
Severity: High
ID: 80914
File Name: mantis_1_2_18.nasl
Version: 1.8
Type: remote
Family: CGI abuses
Published: 1/22/2015
Updated: 4/11/2022
Configuration: Enable paranoid mode, Enable thorough checks
Supported Sensors: Nessus
Risk Factor: High
Score: 7.4
Risk Factor: High
Base Score: 7.5
Temporal Score: 6.2
Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P
CPE: cpe:/a:mantisbt:mantisbt
Required KB Items: installed_sw/MantisBT, Settings/ParanoidReport
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 12/6/2014
Vulnerability Publication Date: 12/6/2014
Metasploit (MantisBT XmlImportExport Plugin PHP Code Injection Vulnerability)
CVE: CVE-2014-6316, CVE-2014-6387, CVE-2014-7146, CVE-2014-8553, CVE-2014-8554, CVE-2014-8598, CVE-2014-8986, CVE-2014-8987, CVE-2014-8988, CVE-2014-9089, CVE-2014-9117, CVE-2014-9269, CVE-2014-9270, CVE-2014-9271, CVE-2014-9272, CVE-2014-9279, CVE-2014-9280, CVE-2014-9281
BID: 70856, 70993, 70996, 71104, 71321, 71359, 71361, 71371, 71372, 71478