Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mantis mantis 0.19.0 vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2005-3337
Multiple cross-site scripting (XSS) vulnerabilities in Mantis prior to 0.19.3 allow remote malicious users to inject arbitrary web script or HTML via (1) unknown vectors involving Javascript and (2) mantis/view_all_set.php.
Mantis Mantis 0.19.0
Mantis Mantis 0.19.0 Rc1
Mantis Mantis 0.19.0a1
Mantis Mantis 0.19.0a2
Mantis Mantis 0.19.2
Mantis Mantis 0.19.1
Mantis Mantis 0.19.3
4.3
CVSSv2
CVE-2005-3090
Cross-site scripting (XSS) vulnerability in bug_actiongroup_page.php in Mantis 0.19.0a1 up to and including 1.0.0a3 allows remote malicious users to inject arbitrary web script or HTML via the summary of the bug, which is not quoted when view_all_bug_page.php is used to delete th...
Mantis Mantis 0.19.0
Mantis Mantis 0.19.0 Rc1
Mantis Mantis 1.0.0a3
Mantis Mantis 0.19.0a1
Mantis Mantis 0.19.0a2
Mantis Mantis 0.19.1
Mantis Mantis 0.19.2
Mantis Mantis 1.0.0a1
Mantis Mantis 1.0.0a2
4.3
CVSSv2
CVE-2005-3091
Cross-site scripting (XSS) vulnerability in Mantis prior to 1.0.0rc1 allows remote malicious users to inject arbitrary web script or HTML via unknown attack vectors, as identified by bug#0005751 "thraxisp".
Mantis Mantis 0.10.0
Mantis Mantis 0.10.1
Mantis Mantis 0.14.7
Mantis Mantis 0.14.8
Mantis Mantis 0.15.0
Mantis Mantis 0.15.1
Mantis Mantis 0.16.1
Mantis Mantis 0.17.0
Mantis Mantis 0.17.1
Mantis Mantis 0.17.2
Mantis Mantis 0.19.0
Mantis Mantis 0.19.0 Rc1
Mantis Mantis 0.19.0a1
Mantis Mantis 0.19.0a2
Mantis Mantis 0.10.2
Mantis Mantis 0.11.1
Mantis Mantis 0.14.3
Mantis Mantis 0.14.5
Mantis Mantis 0.15.11
Mantis Mantis 0.15.2
Mantis Mantis 0.15.7
Mantis Mantis 0.15.9
4.3
CVSSv2
CVE-2005-2557
Cross-site scripting (XSS) vulnerability in view_all_set.php in Mantis 0.19.0a1 up to and including 1.0.0a3 allows remote malicious users to inject arbitrary web script or HTML via the dir parameter, as identified by bug#0005959, and a different vulnerability than CVE-2005-3090.
Mantis Mantis 0.19.0
Mantis Mantis 1.0.0a2
Mantis Mantis 1.0.0a3
Mantis Mantis 0.19.0a2
Mantis Mantis 0.19.1
Mantis Mantis 0.19.2
Mantis Mantis 1.0.0a1
Mantis Mantis 0.19.0 Rc1
Mantis Mantis 0.19.0a1
Debian Debian Linux 3.1
Gentoo Linux
1 EDB exploit
3.6
CVSSv2
CVE-2012-1122
bug_actiongroup.php in MantisBT prior to 1.2.9 does not properly check the report_bug_threshold permission of the receiving project when moving a bug report, which allows remote authenticated users with the report_bug_threshold and move_bug_threshold privileges for a project to b...
Mantisbt Mantisbt 1.0.1
Mantisbt Mantisbt 1.0.0
Mantisbt Mantisbt 1.0.7
Mantisbt Mantisbt 1.0.4
Mantisbt Mantisbt 1.1.7
Mantisbt Mantisbt 1.1.4
Mantisbt Mantisbt 0.19.0a1
Mantisbt Mantisbt 0.19.0a2
Mantisbt Mantisbt 1.2.5
Mantisbt Mantisbt
Mantisbt Mantisbt 0.19.4
Mantisbt Mantisbt 0.19.3
Mantisbt Mantisbt 1.0.5
Mantisbt Mantisbt 1.2.1
Mantisbt Mantisbt 1.1.5
Mantisbt Mantisbt 1.2.0a2
Mantisbt Mantisbt 0.19.0
Mantisbt Mantisbt 1.0.3
Mantisbt Mantisbt 1.0.2
Mantisbt Mantisbt 1.0.8
Mantisbt Mantisbt 1.1.0
Mantisbt Mantisbt 1.0.6
3.6
CVSSv2
CVE-2012-1120
The SOAP API in MantisBT prior to 1.2.9 does not properly enforce the bugnote_allow_user_edit_delete and delete_bug_threshold permissions, which allows remote authenticated users with read and write SOAP API privileges to delete arbitrary bug reports and bug notes.
Mantisbt Mantisbt 1.2.0
Mantisbt Mantisbt 1.2.5
Mantisbt Mantisbt 1.1.0
Mantisbt Mantisbt 1.1.5
Mantisbt Mantisbt 1.0.0
Mantisbt Mantisbt 1.0.4
Mantisbt Mantisbt 1.0.5
Mantisbt Mantisbt 0.19.1
Mantisbt Mantisbt 0.19.2
Mantisbt Mantisbt 1.2.1
Mantisbt Mantisbt 1.1.1
Mantisbt Mantisbt 1.1.3
Mantisbt Mantisbt 1.1.8
Mantisbt Mantisbt 1.0.3
Mantisbt Mantisbt 1.0.8
Mantisbt Mantisbt 0.19.0
Mantisbt Mantisbt 0.19.4
Mantisbt Mantisbt 0.19.3
Mantisbt Mantisbt 1.2.3
Mantisbt Mantisbt 1.2.2
Mantisbt Mantisbt 1.1.4
Mantisbt Mantisbt 1.0.9
3.6
CVSSv2
CVE-2012-2692
MantisBT prior to 1.2.11 does not check the delete_attachments_threshold permission when form_security_validation is set to OFF, which allows remote authenticated users with certain privileges to bypass intended access restrictions and delete arbitrary attachments.
Mantisbt Mantisbt 1.1.1
Mantisbt Mantisbt 1.1.2
Mantisbt Mantisbt 1.2.1
Mantisbt Mantisbt 1.1.8
Mantisbt Mantisbt 1.2.2
Mantisbt Mantisbt 1.2.3
Mantisbt Mantisbt 0.18.0
Mantisbt Mantisbt 1.0.0
Mantisbt Mantisbt
Mantisbt Mantisbt 1.2.0
Mantisbt Mantisbt 0.19.4
Mantisbt Mantisbt 0.19.3
Mantisbt Mantisbt 1.0.4
Mantisbt Mantisbt 1.0.5
Mantisbt Mantisbt 1.1.5
Mantisbt Mantisbt 1.2.7
Mantisbt Mantisbt 1.2.5
Mantisbt Mantisbt 1.2.8
Mantisbt Mantisbt 1.2.9
Mantisbt Mantisbt 1.0.1
Mantisbt Mantisbt 1.0.6
Mantisbt Mantisbt 1.0.7
3.5
CVSSv2
CVE-2008-3331
Cross-site scripting (XSS) vulnerability in return_dynamic_filters.php in Mantis prior to 1.1.2 allows remote malicious users to inject arbitrary web script or HTML via the filter_target parameter.
Mantis Mantis 0.10.0
Mantis Mantis 0.10.1
Mantis Mantis 0.13.0
Mantis Mantis 0.13.1
Mantis Mantis 0.14.5
Mantis Mantis 0.14.6
Mantis Mantis 0.15.11
Mantis Mantis 0.15.12
Mantis Mantis 0.15.9
Mantis Mantis 0.11.0
Mantis Mantis 0.11.1
Mantis Mantis 0.14.1
Mantis Mantis 0.14.2
Mantis Mantis 0.15
Mantis Mantis 0.15.0
Mantis Mantis 0.15.4
Mantis Mantis 0.15.5
Mantis Mantis 0.15.6
Mantis Mantis 0.17
Mantis Mantis 0.17.0
Mantis Mantis 0.18
Mantis Mantis 0.18.0
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-17519
open redirect
CVE-2024-21683
cache poisoning
CVE-2021-47524
CVE-2021-47521
CVE-2024-5229
CVE-2021-47560
local
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3