Vulnerability Scanning Solutions, LLC.
Our Process
What We Scan For
Sample Report
Client List
Contact Us
What We Scan For
Family: CGI abuses --> Category: infos

Mantis < 0.19.3 Multiple Flaws Vulnerability Scan

Vulnerability Scan Summary
Checks for flaws in Mantis < 0.19.3

Detailed Explanation for this Vulnerability Test

Synopsis :

The remote web server contains a PHP application that is affected by
multiple flaws.

Description :

The remote version of Mantis suffers from a remote file inclusion
vulnerability. Provided PHP's 'register_globals' setting is enabled,
A possible hacker may be able to leverage this issue to read arbitrary files
on the local host or to execute arbitrary PHP code, possibly taken
from third-party hosts.

In addition, the installed version reportedly may be prone to SQL
injection, cross-site scripting, and information disclosure attacks.

See also :

Solution :

Upgrade to Mantis 0.19.3 or newer.

Threat Level:

Medium / CVSS Base Score : 6

Click HERE for more information and discussions on this network vulnerability scan.


P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.