Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mantis mantis 0.17.1 vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2002-1114
config_inc2.php in Mantis prior to 0.17.4 allows remote malicious users to execute arbitrary code or read arbitrary files via the parameters (1) g_bottom_include_page, (2) g_top_include_page, (3) g_css_include_file, (4) g_meta_include_file, or (5) a cookie.
Mantis Mantis 0.17.0
Mantis Mantis 0.17.3
Mantis Mantis 0.17.1
Mantis Mantis 0.17.2
445
VMScore
CVE-2002-1111
print_all_bug_page.php in Mantis 0.17.3 and previous versions does not verify the limit_reporters option, which allows remote malicious users to view bug summaries for bugs that would otherwise be restricted.
Mantis Mantis 0.16.0
Mantis Mantis 0.16.1
Mantis Mantis 0.17.0
Mantis Mantis 0.17.1
Mantis Mantis 0.17.2
Mantis Mantis 0.17.3
445
VMScore
CVE-2002-1115
Mantis 0.17.4a and previous versions allows remote malicious users to view private bugs by modifying the f_id bug ID parameter to (1) bug_update_advanced_page.php, (2) bug_update_page.php, (3) view_bug_advanced_page.php, or (4) view_bug_page.php.
Mantis Mantis 0.17.2
Mantis Mantis 0.17.3
Mantis Mantis 0.17.0
Mantis Mantis 0.17.1
Mantis Mantis 0.17.4
Mantis Mantis 0.17.4a
668
VMScore
CVE-2002-1116
The "View Bugs" page (view_all_bug_page.php) in Mantis 0.17.4a and previous versions includes summaries of private bugs for users that do not have access to any projects.
Mantis Mantis 0.17.3
Mantis Mantis 0.17.4
Mantis Mantis 0.17.4a
Mantis Mantis 0.17.0
Mantis Mantis 0.17.1
Mantis Mantis 0.17.2
890
VMScore
CVE-2002-1110
Multiple SQL injection vulnerabilities in Mantis 0.17.2 and previous versions, when running without magic_quotes_gpc enabled, allows remote malicious users to gain privileges or perform unauthorized database operations via modified form fields, e.g. to account_update.php.
Mantis Mantis 0.15.10
Mantis Mantis 0.15.7
Mantis Mantis 0.15.8
Mantis Mantis 0.15.5
Mantis Mantis 0.15.6
Mantis Mantis 0.17.1
Mantis Mantis 0.17.2
Mantis Mantis 0.15.3
Mantis Mantis 0.15.4
Mantis Mantis 0.16.1
Mantis Mantis 0.17.0
Mantis Mantis 0.15.11
Mantis Mantis 0.15.12
Mantis Mantis 0.15.9
Mantis Mantis 0.16.0
445
VMScore
CVE-2002-1112
Mantis prior to 0.17.4 allows remote malicious users to list project bugs without authentication by modifying the cookie that is used by the "View Bugs" page.
Mantis Mantis 0.15.10
Mantis Mantis 0.15.8
Mantis Mantis 0.15.9
Mantis Mantis 0.15.6
Mantis Mantis 0.15.7
Mantis Mantis 0.17.2
Mantis Mantis 0.17.3
Mantis Mantis 0.15.3
Mantis Mantis 0.15.4
Mantis Mantis 0.15.5
Mantis Mantis 0.17.0
Mantis Mantis 0.17.1
Mantis Mantis 0.15.11
Mantis Mantis 0.15.12
Mantis Mantis 0.16.0
Mantis Mantis 0.16.1
755
VMScore
CVE-2002-1113
summary_graph_functions.php in Mantis 0.17.3 and previous versions allows remote malicious users to execute arbitrary PHP code by modifying the g_jpgraph_path parameter to reference the location of the PHP code.
Mantis Mantis 0.15.10
Mantis Mantis 0.15.7
Mantis Mantis 0.15.8
Mantis Mantis 0.15.5
Mantis Mantis 0.15.6
Mantis Mantis 0.17.2
Mantis Mantis 0.17.3
Mantis Mantis 0.15.3
Mantis Mantis 0.15.4
Mantis Mantis 0.17.0
Mantis Mantis 0.17.1
Mantis Mantis 0.15.11
Mantis Mantis 0.15.12
Mantis Mantis 0.15.9
Mantis Mantis 0.16.0
Mantis Mantis 0.16.1
1 EDB exploit
890
VMScore
CVE-2006-0665
Unspecified vulnerability in (1) query_store.php and (2) manage_proj_create.php in Mantis prior to 1.0.0 has unknown impact and attack vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. An original vendor bu...
Mantis Mantis 0.17.1
Mantis Mantis 0.17.2
Mantis Mantis 0.18.0a2
Mantis Mantis 0.18.0a3
Mantis Mantis 0.19.0a
Mantis Mantis 0.19.0a1
Mantis Mantis 1.0.0 Rc3
Mantis Mantis 1.0.0 Rc4
Mantis Mantis 0.18
Mantis Mantis 0.18.0 Rc1
Mantis Mantis 0.19.0
Mantis Mantis 0.19.0 Rc1
Mantis Mantis 0.19.4
Mantis Mantis 1.0.0 Rc1
Mantis Mantis 0.17.3
Mantis Mantis 0.17.4
Mantis Mantis 0.18.0a4
Mantis Mantis 0.18.2
Mantis Mantis 0.19.0a2
Mantis Mantis 0.19.1
Mantis Mantis 1.0.0a1
Mantis Mantis 1.0.0a2
383
VMScore
CVE-2006-0664
Cross-site scripting (XSS) vulnerability in config_defaults_inc.php in Mantis prior to 1.0 allows remote malicious users to inject arbitrary web script or HTML via unknown attack vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from th...
Mantis Mantis 0.17.5
Mantis Mantis 0.18
Mantis Mantis 0.18.0 Rc1
Mantis Mantis 0.19.0
Mantis Mantis 0.19.0 Rc1
Mantis Mantis 0.19.4
Mantis Mantis 1.0.0 Rc1
Mantis Mantis 0.17.4
Mantis Mantis 0.17.4a
Mantis Mantis 0.18.3
Mantis Mantis 0.18a1
Mantis Mantis 0.19.2
Mantis Mantis 0.19.3
Mantis Mantis 1.0.0a2
Mantis Mantis 1.0.0a3
Mantis Mantis 0.17.1
Mantis Mantis 0.18.0a2
Mantis Mantis 0.18.0a3
Mantis Mantis 0.19.0a
Mantis Mantis 0.19.0a1
Mantis Mantis 1.0.0 Rc2
Mantis Mantis 1.0.0 Rc3
505
VMScore
CVE-2004-1731
signup_page.php in Mantis bugtracker allows remote malicious users to send e-mail bombs by creating multiple users and providing the same e-mail address.
Mantis Mantis 0.12
Mantis Mantis 0.13
Mantis Mantis 0.14.5
Mantis Mantis 0.14.6
Mantis Mantis 0.15.2
Mantis Mantis 0.15.3
Mantis Mantis 0.16
Mantis Mantis 0.16.0
Mantis Mantis 0.17.4
Mantis Mantis 0.17.4a
Mantis Mantis 0.17.5
Mantis Mantis 0.19.0a
Mantis Mantis 0.9
Mantis Mantis 0.11
Mantis Mantis 0.11.1
Mantis Mantis 0.14.3
Mantis Mantis 0.14.4
Mantis Mantis 0.15.11
Mantis Mantis 0.15.12
Mantis Mantis 0.15.8
Mantis Mantis 0.15.9
Mantis Mantis 0.17.2
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
IMAP
CVE-2024-4367
server-side request forgery
information disclosure
CVE-2024-34342
CVE-2024-4281
CVE-2024-3507
CVE-2024-25560
CVE-2024-34574
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »