Skip to main content
CVE-2018-6382 LOW Monitor

MantisBT 2.10.0 allows local users to conduct SQL Injection attacks via the vendor/adodb/adodb-php/server.php sql parameter in a request to the 127.0.0.1 IP address. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

SQLi Authentication Bypass PHP Mantisbt
NVD
CVSS 3.0
3.3
EPSS
0.5%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy