SQL injection vulnerability in the mci_file_get function in api/soap/mc_file_api.php in MantisBT before 1.2.16 allows remote attackers to execute arbitrary SQL commands via a crafted envelope tag in a mc_issue_attachment_get SOAP request.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2014-03-18T14:00:00
Updated: 2017-01-04T17:57:01
Reserved: 2014-01-18T00:00:00
Link: CVE-2014-1608
JSON object: View
NVD Information
Status : Modified
Published: 2014-03-18T17:03:00.467
Modified: 2021-01-12T18:05:59.507
Link: CVE-2014-1608
JSON object: View
Redhat Information
No data.
CWE