Vulnerability Details : CVE-2002-1110
Multiple SQL injection vulnerabilities in Mantis 0.17.2 and earlier, when running without magic_quotes_gpc enabled, allows remote attackers to gain privileges or perform unauthorized database operations via modified form fields, e.g. to account_update.php.
Vulnerability category: Sql Injection
Products affected by CVE-2002-1110
- cpe:2.3:a:mantis:mantis:0.15.10:*:*:*:*:*:*:*
- cpe:2.3:a:mantis:mantis:0.15.7:*:*:*:*:*:*:*
- cpe:2.3:a:mantis:mantis:0.15.8:*:*:*:*:*:*:*
- cpe:2.3:a:mantis:mantis:0.15.5:*:*:*:*:*:*:*
- cpe:2.3:a:mantis:mantis:0.15.6:*:*:*:*:*:*:*
- cpe:2.3:a:mantis:mantis:0.17.1:*:*:*:*:*:*:*
- cpe:2.3:a:mantis:mantis:0.17.2:*:*:*:*:*:*:*
- cpe:2.3:a:mantis:mantis:0.15.3:*:*:*:*:*:*:*
- cpe:2.3:a:mantis:mantis:0.15.4:*:*:*:*:*:*:*
- cpe:2.3:a:mantis:mantis:0.16.1:*:*:*:*:*:*:*
- cpe:2.3:a:mantis:mantis:0.17.0:*:*:*:*:*:*:*
- cpe:2.3:a:mantis:mantis:0.15.11:*:*:*:*:*:*:*
- cpe:2.3:a:mantis:mantis:0.15.12:*:*:*:*:*:*:*
- cpe:2.3:a:mantis:mantis:0.15.9:*:*:*:*:*:*:*
- cpe:2.3:a:mantis:mantis:0.16.0:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2002-1110
0.28%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 64 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2002-1110
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
10.0
|
HIGH | AV:N/AC:L/Au:N/C:C/I:C/A:C |
10.0
|
10.0
|
NIST |
References for CVE-2002-1110
Jump to