Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

mantis mantis 0.17.4 vulnerabilities and exploits

(subscribe to this query)
5
CVSSv2
CVE-2002-1115
Mantis 0.17.4a and previous versions allows remote malicious users to view private bugs by modifying the f_id bug ID parameter to (1) bug_update_advanced_page.php, (2) bug_update_page.php, (3) view_bug_advanced_page.php, or (4) view_bug_page.php.
Mantis Mantis 0.17.2Mantis Mantis 0.17.3Mantis Mantis 0.17.0Mantis Mantis 0.17.1Mantis Mantis 0.17.4Mantis Mantis 0.17.4a
7.5
CVSSv2
CVE-2002-1116
The "View Bugs" page (view_all_bug_page.php) in Mantis 0.17.4a and previous versions includes summaries of private bugs for users that do not have access to any projects.
Mantis Mantis 0.17.3Mantis Mantis 0.17.4Mantis Mantis 0.17.4aMantis Mantis 0.17.0Mantis Mantis 0.17.1Mantis Mantis 0.17.2
4.3
CVSSv2
CVE-2006-0664
Cross-site scripting (XSS) vulnerability in config_defaults_inc.php in Mantis prior to 1.0 allows remote malicious users to inject arbitrary web script or HTML via unknown attack vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from th...
Mantis Mantis 0.17.5Mantis Mantis 0.18Mantis Mantis 0.18.0 Rc1Mantis Mantis 0.19.0Mantis Mantis 0.19.0 Rc1Mantis Mantis 0.19.4Mantis Mantis 1.0.0 Rc1Mantis Mantis 0.17.4Mantis Mantis 0.17.4aMantis Mantis 0.18.3Mantis Mantis 0.18a1Mantis Mantis 0.19.2Mantis Mantis 0.19.3Mantis Mantis 1.0.0a2Mantis Mantis 1.0.0a3Mantis Mantis 0.17.1Mantis Mantis 0.18.0a2Mantis Mantis 0.18.0a3Mantis Mantis 0.19.0aMantis Mantis 0.19.0a1Mantis Mantis 1.0.0 Rc2Mantis Mantis 1.0.0 Rc3
10
CVSSv2
CVE-2006-0665
Unspecified vulnerability in (1) query_store.php and (2) manage_proj_create.php in Mantis prior to 1.0.0 has unknown impact and attack vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. An original vendor bu...
Mantis Mantis 0.17.1Mantis Mantis 0.17.2Mantis Mantis 0.18.0a2Mantis Mantis 0.18.0a3Mantis Mantis 0.19.0aMantis Mantis 0.19.0a1Mantis Mantis 1.0.0 Rc3Mantis Mantis 1.0.0 Rc4Mantis Mantis 0.18Mantis Mantis 0.18.0 Rc1Mantis Mantis 0.19.0Mantis Mantis 0.19.0 Rc1Mantis Mantis 0.19.4Mantis Mantis 1.0.0 Rc1Mantis Mantis 0.17.3Mantis Mantis 0.17.4Mantis Mantis 0.18.0a4Mantis Mantis 0.18.2Mantis Mantis 0.19.0a2Mantis Mantis 0.19.1Mantis Mantis 1.0.0a1Mantis Mantis 1.0.0a2
4.3
CVSSv2
CVE-2004-1730
Cross-site scripting (XSS) vulnerability in Mantis bugtracker allows remote malicious users to inject arbitrary web script or HTML via (1) the return parameter to login_page.php, (2) e-mail field in signup.php, (3) action parameter to login_select_proj_page.php, or (4) hide_statu...
Mantis Mantis 0.13Mantis Mantis 0.13.1Mantis Mantis 0.14.6Mantis Mantis 0.14.7Mantis Mantis 0.15.3Mantis Mantis 0.15.4Mantis Mantis 0.16.0Mantis Mantis 0.16.1Mantis Mantis 0.17.4aMantis Mantis 0.17.5Mantis Mantis 0.9Mantis Mantis 0.9.1Mantis Mantis 0.11.1Mantis Mantis 0.12Mantis Mantis 0.14.4Mantis Mantis 0.14.5Mantis Mantis 0.15.12Mantis Mantis 0.15.2Mantis Mantis 0.15.9Mantis Mantis 0.16Mantis Mantis 0.17.3Mantis Mantis 0.17.4
5
CVSSv2
CVE-2004-1731
signup_page.php in Mantis bugtracker allows remote malicious users to send e-mail bombs by creating multiple users and providing the same e-mail address.
Mantis Mantis 0.12Mantis Mantis 0.13Mantis Mantis 0.14.5Mantis Mantis 0.14.6Mantis Mantis 0.15.2Mantis Mantis 0.15.3Mantis Mantis 0.16Mantis Mantis 0.16.0Mantis Mantis 0.17.4Mantis Mantis 0.17.4aMantis Mantis 0.17.5Mantis Mantis 0.19.0aMantis Mantis 0.9Mantis Mantis 0.11Mantis Mantis 0.11.1Mantis Mantis 0.14.3Mantis Mantis 0.14.4Mantis Mantis 0.15.11Mantis Mantis 0.15.12Mantis Mantis 0.15.8Mantis Mantis 0.15.9Mantis Mantis 0.17.2
4.3
CVSSv2
CVE-2005-3091
Cross-site scripting (XSS) vulnerability in Mantis prior to 1.0.0rc1 allows remote malicious users to inject arbitrary web script or HTML via unknown attack vectors, as identified by bug#0005751 "thraxisp".
Mantis Mantis 0.10.0Mantis Mantis 0.10.1Mantis Mantis 0.14.7Mantis Mantis 0.14.8Mantis Mantis 0.15.0Mantis Mantis 0.15.1Mantis Mantis 0.16.1Mantis Mantis 0.17.0Mantis Mantis 0.17.1Mantis Mantis 0.17.2Mantis Mantis 0.19.0Mantis Mantis 0.19.0 Rc1Mantis Mantis 0.19.0a1Mantis Mantis 0.19.0a2Mantis Mantis 0.10.2Mantis Mantis 0.11.1Mantis Mantis 0.14.3Mantis Mantis 0.14.5Mantis Mantis 0.15.11Mantis Mantis 0.15.2Mantis Mantis 0.15.7Mantis Mantis 0.15.9
5
CVSSv2
CVE-2004-2666
Mantis prior to 20041016 provides a complete Issue History (Bug History) in the web interface regardless of view_history_threshold, which allows remote malicious users to obtain sensitive information (private bug details) by visiting a bug's web page.
Mantis Mantis 0.10Mantis Mantis 0.10.1Mantis Mantis 0.14.7Mantis Mantis 0.14.8Mantis Mantis 0.15Mantis Mantis 0.15.1Mantis Mantis 0.17Mantis Mantis 0.17.1Mantis Mantis 0.17.2Mantis Mantis 0.17.3Mantis Mantis 0.18a1Mantis Mantis 0.19Mantis Mantis 0.11Mantis Mantis 0.12Mantis Mantis 0.14.4Mantis Mantis 0.14.6Mantis Mantis 0.15.10Mantis Mantis 0.15.12Mantis Mantis 0.15.8Mantis Mantis 0.16Mantis Mantis 0.17.4aMantis Mantis 0.18
5
CVSSv2
CVE-2005-4523
Mantis 1.0.0rc3 and previous versions discloses private bugs via public RSS feeds, which allows remote malicious users to obtain sensitive information.
Mantis Mantis 0.10Mantis Mantis 0.10.1Mantis Mantis 0.14Mantis Mantis 0.14.1Mantis Mantis 0.15Mantis Mantis 0.15.1Mantis Mantis 0.15.5Mantis Mantis 0.15.6Mantis Mantis 0.17Mantis Mantis 0.17.0Mantis Mantis 0.18.0 Rc1Mantis Mantis 0.18.0a2Mantis Mantis 0.19.0 Rc1Mantis Mantis 0.19.0aMantis Mantis 0.9.1Mantis Mantis 1.0.0 Rc1Mantis Mantis 0.10.2Mantis Mantis 0.11Mantis Mantis 0.14.2Mantis Mantis 0.14.3Mantis Mantis 0.15.10Mantis Mantis 0.15.11
4.3
CVSSv2
CVE-2005-4238
Cross-site scripting (XSS) vulnerability in view_filters_page.php in Mantis 1.0.0rc3 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the target_field parameter.
Mantis Mantis 0.11.1Mantis Mantis 0.12Mantis Mantis 0.14.4Mantis Mantis 0.14.5Mantis Mantis 0.15.12Mantis Mantis 0.15.2Mantis Mantis 0.15.9Mantis Mantis 0.16Mantis Mantis 0.17.3Mantis Mantis 0.17.4Mantis Mantis 0.17.4aMantis Mantis 0.18.2Mantis Mantis 0.18.3Mantis Mantis 0.19.1Mantis Mantis 0.19.2Mantis Mantis 1.0.0a2Mantis Mantis 1.0.0a3Mantis Mantis 0.13Mantis Mantis 0.13.1Mantis Mantis 0.14.6Mantis Mantis 0.14.7Mantis Mantis 0.14.8
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injectionCVE-2006-4304CVE-2023-26603CVE-2024-28327CVE-2023-50363CVE-2024-21905template injectionCVE-2024-3400cross-site request forgery
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook