Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mantis vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2005-4520
Unspecified "port injection" vulnerabilities in filters in Mantis 1.0.0rc3 and previous versions have unknown impact and attack vectors. NOTE: due to a lack of relevant details in the vendor changelog, which is the source of this description, it is unclear whether this ...
Mantis Mantis 1.0.0 Rc3
Mantis Mantis 1.0.0a1
Mantis Mantis 1.0.0a2
Mantis Mantis 1.0.0a3
Mantis Mantis 1.0.0 Rc1
Mantis Mantis 1.0.0 Rc2
4.3
CVSSv2
CVE-2005-4522
Multiple cross-site scripting (XSS) vulnerabilities in the view_filters_page.php filters script in Mantis 1.0.0rc3 and previous versions allow remote malicious users to inject arbitrary web script or HTML via the (1) view_type and (2) target_field parameters.
Mantis Mantis 1.0.0 Rc1
Mantis Mantis 1.0.0 Rc2
Mantis Mantis 1.0.0 Rc3
Mantis Mantis 1.0.0a1
Mantis Mantis 1.0.0a2
Mantis Mantis 1.0.0a3
5
CVSSv2
CVE-2002-1111
print_all_bug_page.php in Mantis 0.17.3 and previous versions does not verify the limit_reporters option, which allows remote malicious users to view bug summaries for bugs that would otherwise be restricted.
Mantis Mantis 0.16.0
Mantis Mantis 0.16.1
Mantis Mantis 0.17.0
Mantis Mantis 0.17.1
Mantis Mantis 0.17.2
Mantis Mantis 0.17.3
7.5
CVSSv2
CVE-2002-1116
The "View Bugs" page (view_all_bug_page.php) in Mantis 0.17.4a and previous versions includes summaries of private bugs for users that do not have access to any projects.
Mantis Mantis 0.17.3
Mantis Mantis 0.17.4
Mantis Mantis 0.17.4a
Mantis Mantis 0.17.0
Mantis Mantis 0.17.1
Mantis Mantis 0.17.2
4.3
CVSSv2
CVE-2005-2557
Cross-site scripting (XSS) vulnerability in view_all_set.php in Mantis 0.19.0a1 up to and including 1.0.0a3 allows remote malicious users to inject arbitrary web script or HTML via the dir parameter, as identified by bug#0005959, and a different vulnerability than CVE-2005-3090.
Mantis Mantis 0.19.0
Mantis Mantis 1.0.0a2
Mantis Mantis 1.0.0a3
Mantis Mantis 0.19.0a2
Mantis Mantis 0.19.1
Mantis Mantis 0.19.2
Mantis Mantis 1.0.0a1
Mantis Mantis 0.19.0 Rc1
Mantis Mantis 0.19.0a1
Debian Debian Linux 3.1
Gentoo Linux
1 EDB exploit
7.5
CVSSv2
CVE-2002-1114
config_inc2.php in Mantis prior to 0.17.4 allows remote malicious users to execute arbitrary code or read arbitrary files via the parameters (1) g_bottom_include_page, (2) g_top_include_page, (3) g_css_include_file, (4) g_meta_include_file, or (5) a cookie.
Mantis Mantis 0.17.0
Mantis Mantis 0.17.3
Mantis Mantis 0.17.1
Mantis Mantis 0.17.2
7.5
CVSSv2
CVE-2005-3335
PHP file inclusion vulnerability in bug_sponsorship_list_view_inc.php in Mantis 1.0.0RC2 and 0.19.2 allows remote malicious users to execute arbitrary PHP code and include arbitrary local files via the t_core_path parameter.
Mantis Mantis 0.19.2
Mantis Mantis 1.0.0 Rc2
7.5
CVSSv2
CVE-2005-3336
SQL injection vulnerability in Mantis 1.0.0RC2 and 0.19.2 allows remote malicious users to execute arbitrary SQL commands via unknown vectors.
Mantis Mantis 0.19.2
Mantis Mantis 1.0.0 Rc2
4.3
CVSSv2
CVE-2007-6611
Cross-site scripting (XSS) vulnerability in view.php in Mantis prior to 1.1.0 allows remote malicious users to inject arbitrary web script or HTML via a filename, related to bug_report.php.
Mantis Mantis
3.6
CVSSv2
CVE-2003-0499
Mantis 0.17.5 and previous versions stores its database password in cleartext in a world-readable configuration file, which allows local users to perform unauthorized database operations.
Mantis Mantis 0.17.5
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-21111
CVE-2024-32884
IDOR
CVE-2023-1000
CVE-2024-33260
CVE-2024-3682
reflected XSS
race condition
CVE-2024-3400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »