{"document":{"aggregate_severity":{"namespace":"https://www.suse.com/support/security/rating/","text":"low"},"category":"csaf_vex","csaf_version":"2.0","distribution":{"text":"Copyright 2024 SUSE LLC. All rights reserved.","tlp":{"label":"WHITE","url":"https://www.first.org/tlp/"}},"lang":"en","notes":[{"category":"summary","text":"SUSE CVE-2018-6382","title":"Title"},{"category":"description","text":"MantisBT 2.10.0 allows local users to conduct SQL Injection attacks via the vendor/adodb/adodb-php/server.php sql parameter in a request to the 127.0.0.1 IP address. NOTE: the vendor disputes the significance of this report because server.php is intended to execute arbitrary SQL statements on behalf of authenticated users from 127.0.0.1, and the issue does not have an authentication bypass","title":"Description of the CVE"},{"category":"legal_disclaimer","text":"CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).","title":"Terms of use"}],"publisher":{"category":"vendor","contact_details":"https://www.suse.com/support/security/contact/","name":"SUSE Product Security Team","namespace":"https://www.suse.com/"},"references":[{"category":"external","summary":"CVE-2018-6382","url":"https://www.suse.com/security/cve/CVE-2018-6382"},{"category":"external","summary":"SUSE Security Ratings","url":"https://www.suse.com/support/security/rating/"},{"category":"external","summary":"SUSE Bug 1078308 for CVE-2018-6382","url":"https://bugzilla.suse.com/1078308"}],"title":"SUSE CVE CVE-2018-6382","tracking":{"current_release_date":"2025-07-08T00:22:32Z","generator":{"date":"2024-03-22T04:50:26Z","engine":{"name":"cve-database.git:bin/generate-csaf-vex.pl","version":"1"}},"id":"CVE-2018-6382","initial_release_date":"2024-03-22T04:50:26Z","revision_history":[{"date":"2024-03-22T04:50:26Z","number":"2","summary":"Current version"},{"date":"2025-01-01T07:53:33Z","number":"3","summary":"Current version"},{"date":"2025-02-18T07:12:02Z","number":"4","summary":"Current version"},{"date":"2025-07-08T00:22:32Z","number":"5","summary":"Current version"}],"status":"interim","version":"5"}}}