CVE-2014-9759 in MantisBTالمعلومات

الملخص

بحسب MITRE

Incomplete blacklist vulnerability in the config_is_private function in config_api.php in MantisBT 1.3.x before 1.3.0 allows remote attackers to obtain sensitive master salt configuration information via a SOAP API request.

Be aware that VulDB is the high quality source for vulnerability data.

حجز

03/01/2016

إفشاء

11/04/2016

الاعتدال

تمت الموافقة

إدخال

VDB-82051

EPSS

0.01920

KEV

لا

النشاطات

منخفض جدًا

المصادر

Interested in the pricing of exploits?

See the underground prices here!