Remote Database Connection Vulnerability in Mantis 0.19.0a1 through 1.0.0a3
CVE-2005-2556 · HIGH Severity
AV:N/AC:L/AU:N/C:P/I:P/A:P
core/database_api.php in Mantis 0.19.0a1 through 1.0.0a3, with register_globals enabled, allows remote attackers to connect to internal databases by modifying the g_db_type variable and monitoring the speed of responses, as identified by bug#0005956.
Learn more about our Api Penetration Testing.