SQL Injection Vulnerabilities in Mantis 0.17.2 and Earlier
CVE-2002-1110 · HIGH Severity
AV:N/AC:L/AU:N/C:C/I:C/A:C
Multiple SQL injection vulnerabilities in Mantis 0.17.2 and earlier, when running without magic_quotes_gpc enabled, allows remote attackers to gain privileges or perform unauthorized database operations via modified form fields, e.g. to account_update.php.
Learn more about our Cis Benchmark Audit For Microsoft Sql Server.