← back
CVE-2014-2238

CVE-2014-2238

23Vexday Risk Score

Patch soon. It has a working public exploit.

ssvc Attendepss 11%
from disclosure to weapon0 days
Published on NVDMar 5
metasploitFeb 28
exploitation probability
11%top 5% of all CVEs
observed exploitation
nono source reports it
SQL injection vulnerability in the manage configuration page (adm_config_report.php) in MantisBT 1.2.13 through 1.2.16 allows remote authenticated administrators to execute arbitrary SQL commands via the filter_config_id parameter.
Affected products
n/a · n/a