CalvinBackup/CVEs-PoC
1
0
Fork 0
mirror of https://github.com/0xMarcio/cve.git synced 2026-05-11 20:52:49 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
9822fb37735000bda8766c00a6155fb6da059fd1
CVEs-PoC/2014/CVE-2014-8598.md
T
0xMarcio cb00e1339f Update CVE list 2025-09-29 21:09
2025-09-29 21:09:30 +02:00

781 B
Raw Blame History

CVE-2014-8598

Description

The XML Import/Export plugin in MantisBT 1.2.x does not restrict access, which allows remote attackers to (1) upload arbitrary XML files via the import page or (2) obtain sensitive information via the export page. NOTE: this issue can be combined with CVE-2014-7146 to execute arbitrary PHP code.

POC

Reference

Github

No PoCs found on GitHub currently.

Reference in New Issue View Git Blame Copy Permalink