core/database_api.php in Mantis 0.19.0a1 through 1.0.0a3, with register_globals enabled, allows remote attackers to connect to internal databases by modifying the g_db_type variable and monitoring the speed of responses, as identified by bug#0005956.
References
Configurations
Configuration 1 (hide)
|
History
No history.
Information
Published : 2005-08-24 04:00
Updated : 2024-02-28 10:42
NVD link : CVE-2005-2556
Mitre link : CVE-2005-2556
CVE.ORG link : CVE-2005-2556
JSON object : View
Products Affected
mantis
- mantis
CWE