Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

mantis mantis 0.16.0 vulnerabilities and exploits

(subscribe to this query)
5
CVSSv2
CVE-2002-1111
print_all_bug_page.php in Mantis 0.17.3 and previous versions does not verify the limit_reporters option, which allows remote malicious users to view bug summaries for bugs that would otherwise be restricted.
Mantis Mantis 0.16.0Mantis Mantis 0.16.1Mantis Mantis 0.17.0Mantis Mantis 0.17.1Mantis Mantis 0.17.2Mantis Mantis 0.17.3
10
CVSSv2
CVE-2002-1110
Multiple SQL injection vulnerabilities in Mantis 0.17.2 and previous versions, when running without magic_quotes_gpc enabled, allows remote malicious users to gain privileges or perform unauthorized database operations via modified form fields, e.g. to account_update.php.
Mantis Mantis 0.15.10Mantis Mantis 0.15.7Mantis Mantis 0.15.8Mantis Mantis 0.15.5Mantis Mantis 0.15.6Mantis Mantis 0.17.1Mantis Mantis 0.17.2Mantis Mantis 0.15.3Mantis Mantis 0.15.4Mantis Mantis 0.16.1Mantis Mantis 0.17.0Mantis Mantis 0.15.11Mantis Mantis 0.15.12Mantis Mantis 0.15.9Mantis Mantis 0.16.0
7.5
CVSSv2
CVE-2002-1113
summary_graph_functions.php in Mantis 0.17.3 and previous versions allows remote malicious users to execute arbitrary PHP code by modifying the g_jpgraph_path parameter to reference the location of the PHP code.
Mantis Mantis 0.15.10Mantis Mantis 0.15.7Mantis Mantis 0.15.8Mantis Mantis 0.15.5Mantis Mantis 0.15.6Mantis Mantis 0.17.2Mantis Mantis 0.17.3Mantis Mantis 0.15.3Mantis Mantis 0.15.4Mantis Mantis 0.17.0Mantis Mantis 0.17.1Mantis Mantis 0.15.11Mantis Mantis 0.15.12Mantis Mantis 0.15.9Mantis Mantis 0.16.0Mantis Mantis 0.16.1
5
CVSSv2
CVE-2002-1112
Mantis prior to 0.17.4 allows remote malicious users to list project bugs without authentication by modifying the cookie that is used by the "View Bugs" page.
Mantis Mantis 0.15.10Mantis Mantis 0.15.8Mantis Mantis 0.15.9Mantis Mantis 0.15.6Mantis Mantis 0.15.7Mantis Mantis 0.17.2Mantis Mantis 0.17.3Mantis Mantis 0.15.3Mantis Mantis 0.15.4Mantis Mantis 0.15.5Mantis Mantis 0.17.0Mantis Mantis 0.17.1Mantis Mantis 0.15.11Mantis Mantis 0.15.12Mantis Mantis 0.16.0Mantis Mantis 0.16.1
4.3
CVSSv2
CVE-2004-1730
Cross-site scripting (XSS) vulnerability in Mantis bugtracker allows remote malicious users to inject arbitrary web script or HTML via (1) the return parameter to login_page.php, (2) e-mail field in signup.php, (3) action parameter to login_select_proj_page.php, or (4) hide_statu...
Mantis Mantis 0.13Mantis Mantis 0.13.1Mantis Mantis 0.14.6Mantis Mantis 0.14.7Mantis Mantis 0.15.3Mantis Mantis 0.15.4Mantis Mantis 0.16.0Mantis Mantis 0.16.1Mantis Mantis 0.17.4aMantis Mantis 0.17.5Mantis Mantis 0.9Mantis Mantis 0.9.1Mantis Mantis 0.11.1Mantis Mantis 0.12Mantis Mantis 0.14.4Mantis Mantis 0.14.5Mantis Mantis 0.15.12Mantis Mantis 0.15.2Mantis Mantis 0.15.9Mantis Mantis 0.16Mantis Mantis 0.17.3Mantis Mantis 0.17.4
5
CVSSv2
CVE-2004-1731
signup_page.php in Mantis bugtracker allows remote malicious users to send e-mail bombs by creating multiple users and providing the same e-mail address.
Mantis Mantis 0.12Mantis Mantis 0.13Mantis Mantis 0.14.5Mantis Mantis 0.14.6Mantis Mantis 0.15.2Mantis Mantis 0.15.3Mantis Mantis 0.16Mantis Mantis 0.16.0Mantis Mantis 0.17.4Mantis Mantis 0.17.4aMantis Mantis 0.17.5Mantis Mantis 0.19.0aMantis Mantis 0.9Mantis Mantis 0.11Mantis Mantis 0.11.1Mantis Mantis 0.14.3Mantis Mantis 0.14.4Mantis Mantis 0.15.11Mantis Mantis 0.15.12Mantis Mantis 0.15.8Mantis Mantis 0.15.9Mantis Mantis 0.17.2
4.3
CVSSv2
CVE-2006-0841
Multiple cross-site scripting (XSS) vulnerabilities in Mantis 1.00rc4 and previous versions allow remote malicious users to inject arbitrary web script or HTML via the (1) hide_status, (2) handler_id, (3) user_monitor, (4) reporter_id, (5) view_type, (6) show_severity, (7) show_c...
Mantis Mantis 0.11.1Mantis Mantis 0.12Mantis Mantis 0.14.1Mantis Mantis 0.14.2Mantis Mantis 0.15Mantis Mantis 0.15.0Mantis Mantis 0.15.1Mantis Mantis 0.18Mantis Mantis 0.18.0Mantis Mantis 0.18.2Mantis Mantis 0.18.3Mantis Mantis 0.10Mantis Mantis 0.10.0Mantis Mantis 0.12.0Mantis Mantis 0.13Mantis Mantis 0.14.3Mantis Mantis 0.14.4Mantis Mantis 0.15.2Mantis Mantis 0.16Mantis Mantis 0.18.0 Rc1Mantis Mantis 0.18.0a1Mantis Mantis 0.18a1
5
CVSSv2
CVE-2006-0840
manage_user_page.php in Mantis 1.00rc4 and previous versions does not properly handle a sort parameter containing a ' (quote) character, which allows remote malicious users to trigger a SQL error that may be repeatedly reported to a user who makes subsequent web accesses wit...
Mantis Mantis 0.11.0Mantis Mantis 0.11.1Mantis Mantis 0.14.0Mantis Mantis 0.14.1Mantis Mantis 0.14.2Mantis Mantis 0.15Mantis Mantis 0.15.0Mantis Mantis 0.17.4aMantis Mantis 0.18Mantis Mantis 0.18.1Mantis Mantis 0.18.2Mantis Mantis 0.18.3Mantis Mantis 0.10.0Mantis Mantis 0.10.1Mantis Mantis 0.13Mantis Mantis 0.13.0Mantis Mantis 0.14.5Mantis Mantis 0.14.6Mantis Mantis 0.16Mantis Mantis 0.16.0Mantis Mantis 0.18.0a1Mantis Mantis 0.18.0a2
4.3
CVSSv2
CVE-2005-3091
Cross-site scripting (XSS) vulnerability in Mantis prior to 1.0.0rc1 allows remote malicious users to inject arbitrary web script or HTML via unknown attack vectors, as identified by bug#0005751 "thraxisp".
Mantis Mantis 0.10.0Mantis Mantis 0.10.1Mantis Mantis 0.14.7Mantis Mantis 0.14.8Mantis Mantis 0.15.0Mantis Mantis 0.15.1Mantis Mantis 0.16.1Mantis Mantis 0.17.0Mantis Mantis 0.17.1Mantis Mantis 0.17.2Mantis Mantis 0.19.0Mantis Mantis 0.19.0 Rc1Mantis Mantis 0.19.0a1Mantis Mantis 0.19.0a2Mantis Mantis 0.10.2Mantis Mantis 0.11.1Mantis Mantis 0.14.3Mantis Mantis 0.14.5Mantis Mantis 0.15.11Mantis Mantis 0.15.2Mantis Mantis 0.15.7Mantis Mantis 0.15.9
4.3
CVSSv2
CVE-2005-4238
Cross-site scripting (XSS) vulnerability in view_filters_page.php in Mantis 1.0.0rc3 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the target_field parameter.
Mantis Mantis 0.11.1Mantis Mantis 0.12Mantis Mantis 0.14.4Mantis Mantis 0.14.5Mantis Mantis 0.15.12Mantis Mantis 0.15.2Mantis Mantis 0.15.9Mantis Mantis 0.16Mantis Mantis 0.17.3Mantis Mantis 0.17.4Mantis Mantis 0.17.4aMantis Mantis 0.18.2Mantis Mantis 0.18.3Mantis Mantis 0.19.1Mantis Mantis 0.19.2Mantis Mantis 1.0.0a2Mantis Mantis 1.0.0a3Mantis Mantis 0.13Mantis Mantis 0.13.1Mantis Mantis 0.14.6Mantis Mantis 0.14.7Mantis Mantis 0.14.8
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injectionCVE-2006-4304CVE-2023-26603CVE-2024-28327CVE-2023-50363CVE-2024-21905template injectionCVE-2024-3400cross-site request forgery
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook