Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mantis mantis vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2014-9280
The current_user_get_bug_filter function in core/current_user_api.php in MantisBT prior to 1.2.18 allows remote malicious users to execute arbitrary PHP code via the filter parameter.
Mantisbt Mantisbt
668
VMScore
CVE-2014-9089
Multiple SQL injection vulnerabilities in view_all_bug_page.php in MantisBT prior to 1.2.18 allow remote malicious users to execute arbitrary SQL commands via the (1) sort or (2) dir parameter to view_all_set.php.
Debian Debian Linux 1.2
Mantisbt Mantisbt
668
VMScore
CVE-2014-8554
SQL injection vulnerability in the mc_project_get_attachments function in api/soap/mc_project_api.php in MantisBT prior to 1.2.18 allows remote malicious users to execute arbitrary SQL commands via the project_id parameter. NOTE: this vulnerability exists because of an incomplete...
Mantisbt Mantisbt 1.0.0
Mantisbt Mantisbt 1.2.13
Mantisbt Mantisbt 1.0.0a1
Mantisbt Mantisbt 0.19.4
Mantisbt Mantisbt 1.1.0
Mantisbt Mantisbt 1.0.0a3
Mantisbt Mantisbt 1.2.0a1
Mantisbt Mantisbt 1.2.15
Mantisbt Mantisbt 1.2.0a2
Mantisbt Mantisbt 0.19.0
Mantisbt Mantisbt 1.0.2
Mantisbt Mantisbt 1.2.2
Mantisbt Mantisbt 1.2.0
Mantisbt Mantisbt 0.19.0a1
Mantisbt Mantisbt 1.2.12
Mantisbt Mantisbt 1.2.5
Mantisbt Mantisbt 0.19.1
Mantisbt Mantisbt 1.2.10
Mantisbt Mantisbt 1.2.9
Mantisbt Mantisbt 0.18.0
Mantisbt Mantisbt 1.0.9
Mantisbt Mantisbt 0.19.2
668
VMScore
CVE-2012-1123
The mci_check_login function in api/soap/mc_api.php in the SOAP API in MantisBT prior to 1.2.9 allows remote malicious users to bypass authentication via a null password.
Mantisbt Mantisbt 1.0.0
Mantisbt Mantisbt 0.19.4
Mantisbt Mantisbt 1.1.0
Mantisbt Mantisbt 0.19.0
Mantisbt Mantisbt 1.0.2
Mantisbt Mantisbt 1.2.2
Mantisbt Mantisbt 1.2.0
Mantisbt Mantisbt 1.2.5
Mantisbt Mantisbt 0.19.1
Mantisbt Mantisbt 0.18.0
Mantisbt Mantisbt 1.0.9
Mantisbt Mantisbt 0.19.2
Mantisbt Mantisbt 0.19.3
Mantisbt Mantisbt 1.1.6
Mantisbt Mantisbt 1.1.9
Mantisbt Mantisbt 1.1.4
Mantisbt Mantisbt 1.0.3
Mantisbt Mantisbt 1.1.5
Mantisbt Mantisbt 1.0.7
Mantisbt Mantisbt 1.2.3
Mantisbt Mantisbt 1.1.2
Mantisbt Mantisbt 1.0.1
668
VMScore
CVE-2008-4689
Mantis prior to 1.1.3 does not unset the session cookie during logout, which makes it easier for remote malicious users to hijack sessions.
Mantis Mantis 1.0.6
Mantis Mantis 1.0.2
Mantis Mantis
Mantis Mantis 1.0.4
Mantis Mantis 1.0.8
Mantis Mantis 0.19.3
Mantis Mantis 1.0.7
Mantis Mantis 1.0.1
Mantis Mantis 1.0.3
Mantis Mantis 1.0.5
Mantis Mantis 1.1.1
Mantis Mantis 0.19.4
668
VMScore
CVE-2008-3333
Directory traversal vulnerability in core/lang_api.php in Mantis prior to 1.1.2 allows remote malicious users to include and execute arbitrary files via the language parameter to the user preferences page (account_prefs_update.php).
Mantis Mantis 0.10.2
Mantis Mantis 0.10
Mantis Mantis 0.12.0
Mantis Mantis 0.14.7
Mantis Mantis 1.0.6
Mantis Mantis 0.19
Mantis Mantis 0.18.2
Mantis Mantis 0.18.0
Mantis Mantis 1.0.2
Mantis Mantis 0.15.12
Mantis Mantis 0.18.0a2
Mantis Mantis 0.18.0a4
Mantis Mantis 0.15.3
Mantis Mantis 0.18
Mantis Mantis 0.15.0
Mantis Mantis 1.0.4
Mantis Mantis 1.0.0 Rc3
Mantis Mantis 0.15.9
Mantis Mantis 0.14.2
Mantis Mantis 0.9.1
Mantis Mantis 0.13
Mantis Mantis 0.10.1
668
VMScore
CVE-2005-4519
Multiple SQL injection vulnerabilities in the manage user page (manage_user_page.php) in Mantis 1.0.0rc3 and previous versions allow remote malicious users to execute arbitrary SQL commands via the (1) prefix and (2) sort parameters to the manage user page (manage_user_page.php),...
Mantis Mantis 0.10.2
Mantis Mantis 0.10
Mantis Mantis 0.14.7
Mantis Mantis 0.18.2
Mantis Mantis 0.15.12
Mantis Mantis 0.18.0a2
Mantis Mantis 0.18.0a4
Mantis Mantis 0.15.3
Mantis Mantis
Mantis Mantis 0.18
Mantis Mantis 0.15.9
Mantis Mantis 0.14.2
Mantis Mantis 0.9.1
Mantis Mantis 0.13
Mantis Mantis 0.10.1
Mantis Mantis 0.17.0
Mantis Mantis 0.15.10
Mantis Mantis 0.16.1
Mantis Mantis 1.0.0 Rc1
Mantis Mantis 1.0.0 Rc2
Mantis Mantis 0.15.2
Mantis Mantis 0.15.4
668
VMScore
CVE-2005-4518
Mantis prior to 0.19.4 allows remote malicious users to bypass the file upload size restriction by modifying the max_file_size parameter to (1) bug_file_add.php, (2) bug_report.php, (3) bug_report_advanced_page.php, and (4) proj_doc_add_page.php.
668
VMScore
CVE-2005-3335
PHP file inclusion vulnerability in bug_sponsorship_list_view_inc.php in Mantis 1.0.0RC2 and 0.19.2 allows remote malicious users to execute arbitrary PHP code and include arbitrary local files via the t_core_path parameter.
Mantis Mantis 1.0.0 Rc2
Mantis Mantis 0.19.2
668
VMScore
CVE-2005-3336
SQL injection vulnerability in Mantis 1.0.0RC2 and 0.19.2 allows remote malicious users to execute arbitrary SQL commands via unknown vectors.
Mantis Mantis 1.0.0 Rc2
Mantis Mantis 0.19.2
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »