{"id":"CVE-2017-12419","details":"If, after successful installation of MantisBT through 2.5.2 on MySQL/MariaDB, the administrator does not remove the 'admin' directory (as recommended in the \"Post-installation and upgrade tasks\" section of the MantisBT Admin Guide), and the MySQL client has a local_infile setting enabled (in php.ini mysqli.allow_local_infile, or the MySQL client config file, depending on the PHP setup), an attacker may take advantage of MySQL's \"connect file read\" feature to remotely access files on the MantisBT server.","modified":"2026-04-10T03:55:05.516651Z","published":"2017-08-05T15:29:00.177Z","references":[{"type":"ADVISORY","url":"http://openwall.com/lists/oss-security/2017/08/04/6"},{"type":"ADVISORY","url":"http://www.securityfocus.com/bid/100142"},{"type":"ADVISORY","url":"https://mantisbt.org/bugs/view.php?id=23173"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/mantisbt/mantisbt","events":[{"introduced":"0"},{"last_affected":"0f1ed233e5c3c86892fb0eafca227681f3f848c7"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"2.5.2"}]}}],"versions":["release-1.2.0a1","release-1.2.0a2","release-1.2.0a3","release-1.2.0rc1","release-1.3.0-beta.1","release-1.3.0-beta.2","release-1.3.0-beta.3","release-1.3.0-rc.1","release-1.3.0-rc.2","release-2.0.0","release-2.0.0-beta.1","release-2.0.0-beta.2","release-2.0.0-beta.3","release-2.0.0-rc.1","release-2.0.0-rc.2","release-2.1.0","release-2.2.0","release-2.3.0","release-2.4.0","release-2.5.0","release-2.5.1","release-2.5.2"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-12419.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N"}]}