Unrated severityNVD Advisory· Published Aug 24, 2005· Updated Apr 16, 2026
CVE-2005-2556
CVE-2005-2556
Description
core/database_api.php in Mantis 0.19.0a1 through 1.0.0a3, with register_globals enabled, allows remote attackers to connect to internal databases by modifying the g_db_type variable and monitoring the speed of responses, as identified by bug#0005956.
Affected products
9cpe:2.3:a:mantis:mantis:0.19.0:*:*:*:*:*:*:*+ 8 more
- cpe:2.3:a:mantis:mantis:0.19.0:*:*:*:*:*:*:*
- cpe:2.3:a:mantis:mantis:0.19.0a1:*:*:*:*:*:*:*
- cpe:2.3:a:mantis:mantis:0.19.0a2:*:*:*:*:*:*:*
- cpe:2.3:a:mantis:mantis:0.19.0_rc1:*:*:*:*:*:*:*
- cpe:2.3:a:mantis:mantis:0.19.1:*:*:*:*:*:*:*
- cpe:2.3:a:mantis:mantis:0.19.2:*:*:*:*:*:*:*
- cpe:2.3:a:mantis:mantis:1.0.0a1:*:*:*:*:*:*:*
- cpe:2.3:a:mantis:mantis:1.0.0a2:*:*:*:*:*:*:*
- cpe:2.3:a:mantis:mantis:1.0.0a3:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
5- www.debian.org/security/2005/dsa-778nvdPatchVendor Advisory
- www.securityfocus.com/bid/14604nvdPatch
- marc.infonvd
- secunia.com/advisories/16506nvd
- www.gentoo.org/security/en/glsa/glsa-200509-16.xmlnvd
News mentions
0No linked articles in our index yet.