CVE-2018-6382

Name of the Vulnerable Software and Affected Versions MantisBT version 2.10.0

Description The issue allows local users to conduct SQL Injection attacks via the sql parameter in a request to the server.php endpoint, accessible from the 127.0.0.1 IP address. It is worth noting that the vendor disputes the significance of this report, stating that server.php is intended to execute arbitrary SQL statements on behalf of authenticated users from 127.0.0.1, and the issue does not have an authentication bypass.

Recommendations For MantisBT version 2.10.0, consider restricting access to the server.php endpoint to minimize the risk of exploitation, as it is intended for authenticated users from 127.0.0.1. Additionally, avoid using the sql parameter in requests to this endpoint until the issue is resolved.