CVE-2002-1110

CRITICAL

10.0

CVSS Severity Score

EPSS Score0.0480%

EPSS Percentile12.59th

Published2002年10月4日

Last Modified2026年4月16日

Vulnerability Description

Multiple SQL injection vulnerabilities in Mantis 0.17.2 and earlier, when running without magic_quotes_gpc enabled, allows remote attackers to gain privileges or perform unauthorized database operations via modified form fields, e.g. to account_update.php.

Affected Platforms (CPE)

📦

Mantis

= 0.15.3

📦

Mantis

= 0.15.4

📦

Mantis

= 0.15.5

📦

Mantis

= 0.15.6

📦

Mantis

= 0.15.7

📦

Mantis

= 0.15.8

📦

Mantis

= 0.15.9

📦

Mantis

= 0.15.10

📦

Mantis

= 0.15.11

📦

Mantis

= 0.15.12

📦

Mantis

= 0.16.0

📦

Mantis

= 0.16.1

📦

Mantis

= 0.17.0

📦

Mantis

= 0.17.1

📦

Mantis

= 0.17.2

References & Advisories

🔗 http://mantisbt.sourceforge.net/advisories/2002/2002-01.txt

🔗 http://marc.info/?l=bugtraq&m=102978728718851&w=2

🔗 http://www.debian.org/security/2002/dsa-153

🔗 http://www.iss.net/security_center/static/9897.php

🔗 http://www.securityfocus.com/bid/5510

🔗 http://mantisbt.sourceforge.net/advisories/2002/2002-01.txt

🔗 http://marc.info/?l=bugtraq&m=102978728718851&w=2

🔗 http://www.debian.org/security/2002/dsa-153

Vulnerability Description

Affected Platforms (CPE)

Mantis

Mantis

Mantis

Mantis

Mantis

Mantis

Mantis

Mantis

Mantis

Mantis

Mantis

Mantis

Mantis

Mantis

Mantis

References & Advisories

関連する脆弱性情報