CVE-2018-6382

CVE: CVE-2018-6382
Published: 2018-01-30T06:29Z
Vendor: mantisbt
Products: mantisbt
Versions: 2.10.0,
Description Language: en
Description: MantisBT 2.10.0 allows local users to conduct SQL Injection attacks via the vendor/adodb/adodb-php/server.php sql parameter in a request to the 127.0.0.1 IP address,
References:
http://archive.is/https:/mantisbt.org/bugs/view.php?id=23908
https://mantisbt.org/bugs/view.php?id=23908