Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mantisbt mantisbt 1.1.1 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-3102
Mantis 1.1.x up to and including 1.1.2 and 1.2.x up to and including 1.2.0a2 does not set the secure flag for the session cookie in an https session, which can cause the cookie to be sent in http requests and make it easier for remote malicious users to capture this cookie.
Mantisbt Mantisbt 1.2.0a1
Mantisbt Mantisbt 1.2.0a2
Mantisbt Mantisbt 1.1.0
Mantisbt Mantisbt 1.1.1
Mantisbt Mantisbt 1.1.2
NA
CVE-2011-2938
Multiple cross-site scripting (XSS) vulnerabilities in filter_api.php in MantisBT prior to 1.2.7 allow remote malicious users to inject arbitrary web script or HTML via a parameter, as demonstrated by the project_id parameter to search.php.
Mantisbt Mantisbt 1.1.1
Mantisbt Mantisbt 1.1.2
Mantisbt Mantisbt 1.1.8
Mantisbt Mantisbt 1.2.2
Mantisbt Mantisbt 1.2.4
Mantisbt Mantisbt 1.2.5
Mantisbt Mantisbt 1.0.3
Mantisbt Mantisbt 1.0.2
Mantisbt Mantisbt 1.0.8
Mantisbt Mantisbt 1.1.0
Mantisbt Mantisbt 1.0.6
Mantisbt Mantisbt 1.2.0
Mantisbt Mantisbt 1.1.6
Mantisbt Mantisbt
Mantisbt Mantisbt 0.19.4
Mantisbt Mantisbt 0.19.3
Mantisbt Mantisbt 1.0.5
Mantisbt Mantisbt 1.2.1
Mantisbt Mantisbt 1.1.5
Mantisbt Mantisbt 1.2.3
Mantisbt Mantisbt 1.0.1
Mantisbt Mantisbt 1.0.0
1 EDB exploit
NA
CVE-2011-3356
Multiple cross-site scripting (XSS) vulnerabilities in config_defaults_inc.php in MantisBT prior to 1.2.8 allow remote malicious users to inject arbitrary web script or HTML via the PATH_INFO, as demonstrated by the PATH_INFO to (1) manage_config_email_page.php, (2) manage_config...
Mantisbt Mantisbt 0.19.4
Mantisbt Mantisbt 0.19.3
Mantisbt Mantisbt 1.1.1
Mantisbt Mantisbt 1.0.5
Mantisbt Mantisbt 1.2.1
Mantisbt Mantisbt 1.1.5
Mantisbt Mantisbt 1.2.3
Mantisbt Mantisbt 1.1.2
Mantisbt Mantisbt 1.0.8
Mantisbt Mantisbt 1.1.8
Mantisbt Mantisbt 1.2.2
Mantisbt Mantisbt 1.2.4
Mantisbt Mantisbt 1.2.5
Mantisbt Mantisbt 1.0.1
Mantisbt Mantisbt 1.0.0
Mantisbt Mantisbt 1.0.7
Mantisbt Mantisbt 1.0.4
Mantisbt Mantisbt 1.1.7
Mantisbt Mantisbt 1.1.4
Mantisbt Mantisbt 1.0.3
Mantisbt Mantisbt 1.0.2
Mantisbt Mantisbt 1.1.0
NA
CVE-2011-3578
Cross-site scripting (XSS) vulnerability in bug_actiongroup_ext_page.php in MantisBT prior to 1.2.8 allows remote malicious users to inject arbitrary web script or HTML via the action parameter, related to bug_actiongroup_page.php, a different vulnerability than CVE-2011-3357.
Mantisbt Mantisbt 0.19.4
Mantisbt Mantisbt 0.19.3
Mantisbt Mantisbt 1.0.4
Mantisbt Mantisbt 1.0.5
Mantisbt Mantisbt 1.1.5
Mantisbt Mantisbt 1.2.3
Mantisbt Mantisbt 1.1.1
Mantisbt Mantisbt 1.1.2
Mantisbt Mantisbt 1.2.1
Mantisbt Mantisbt 1.1.8
Mantisbt Mantisbt 1.2.2
Mantisbt Mantisbt 1.2.4
Mantisbt Mantisbt 1.2.5
Mantisbt Mantisbt 1.0.1
Mantisbt Mantisbt 1.0.0
Mantisbt Mantisbt 1.0.6
Mantisbt Mantisbt 1.0.7
Mantisbt Mantisbt 1.1.7
Mantisbt Mantisbt 1.1.4
Mantisbt Mantisbt 1.0.3
Mantisbt Mantisbt 1.0.2
Mantisbt Mantisbt 1.0.8
NA
CVE-2011-3357
Directory traversal vulnerability in bug_actiongroup_ext_page.php in MantisBT prior to 1.2.8 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the action parameter, related to bug_actiongroup_page.php.
Mantisbt Mantisbt 1.0.2
Mantisbt Mantisbt 1.0.1
Mantisbt Mantisbt 1.0.0
Mantisbt Mantisbt 1.0.6
Mantisbt Mantisbt 1.0.7
Mantisbt Mantisbt 1.1.6
Mantisbt Mantisbt 1.1.7
Mantisbt Mantisbt 0.19.4
Mantisbt Mantisbt 0.19.3
Mantisbt Mantisbt 1.0.4
Mantisbt Mantisbt 1.0.5
Mantisbt Mantisbt 1.1.4
Mantisbt Mantisbt 1.1.5
Mantisbt Mantisbt 1.0.3
Mantisbt Mantisbt 1.0.8
Mantisbt Mantisbt 1.1.0
Mantisbt Mantisbt 1.2.2
Mantisbt Mantisbt 1.2.0
Mantisbt Mantisbt 1.2.5
Mantisbt Mantisbt 1.2.6
Mantisbt Mantisbt
Mantisbt Mantisbt 1.1.1
NA
CVE-2011-3358
Multiple cross-site scripting (XSS) vulnerabilities in MantisBT prior to 1.2.8 allow remote malicious users to inject arbitrary web script or HTML via the (1) os, (2) os_build, or (3) platform parameter to (a) bug_report_page.php or (b) bug_update_advanced_page.php, related to us...
Mantisbt Mantisbt 1.0.3
Mantisbt Mantisbt 1.1.2
Mantisbt Mantisbt 1.0.8
Mantisbt Mantisbt 1.1.8
Mantisbt Mantisbt 1.2.2
Mantisbt Mantisbt 1.2.5
Mantisbt Mantisbt 1.2.6
Mantisbt Mantisbt 1.0.2
Mantisbt Mantisbt 1.0.1
Mantisbt Mantisbt 1.1.0
Mantisbt Mantisbt 1.0.6
Mantisbt Mantisbt 1.2.0
Mantisbt Mantisbt 1.1.6
Mantisbt Mantisbt
Mantisbt Mantisbt 0.19.3
Mantisbt Mantisbt 1.1.1
Mantisbt Mantisbt 1.0.5
Mantisbt Mantisbt 1.2.1
Mantisbt Mantisbt 1.2.3
Mantisbt Mantisbt 1.2.4
Mantisbt Mantisbt 1.0.0
Mantisbt Mantisbt 0.19.4
NA
CVE-2010-3763
Cross-site scripting (XSS) vulnerability in core/summary_api.php in MantisBT prior to 1.2.3 allows remote malicious users to inject arbitrary web script or HTML via the Summary field, a different vector than CVE-2010-3303.
Mantisbt Mantisbt 1.2.0
Mantisbt Mantisbt 1.1.7
Mantisbt Mantisbt 1.0.4
Mantisbt Mantisbt 1.0.5
Mantisbt Mantisbt 0.19.0a1
Mantisbt Mantisbt 0.19.0a2
Mantisbt Mantisbt 1.0.0a3
Mantisbt Mantisbt 1.0.0
Mantisbt Mantisbt 1.2.1
Mantisbt Mantisbt
Mantisbt Mantisbt 1.1.1
Mantisbt Mantisbt 1.0.8
Mantisbt Mantisbt 1.1.0
Mantisbt Mantisbt 1.0.1
Mantisbt Mantisbt 0.19.1
Mantisbt Mantisbt 0.19.2
Mantisbt Mantisbt 1.1.4
Mantisbt Mantisbt 1.1.5
Mantisbt Mantisbt 1.0.3
Mantisbt Mantisbt 1.0.2
Mantisbt Mantisbt 0.19.0
Mantisbt Mantisbt 1.1.2
NA
CVE-2010-3303
Multiple cross-site scripting (XSS) vulnerabilities in MantisBT prior to 1.2.3 allow remote authenticated administrators to inject arbitrary web script or HTML via (1) a plugin name, related to manage_plugin_uninstall.php; (2) an enumeration value or (3) a String value of a custo...
Mantisbt Mantisbt 1.1.7
Mantisbt Mantisbt 1.1.4
Mantisbt Mantisbt 1.1.1
Mantisbt Mantisbt 1.1.2
Mantisbt Mantisbt 1.1.0
Mantisbt Mantisbt 1.0.6
Mantisbt Mantisbt 0.19.3
Mantisbt Mantisbt 0.19.4
Mantisbt Mantisbt 0.19.2
Mantisbt Mantisbt 1.0.0a1
Mantisbt Mantisbt 1.0.0
Mantisbt Mantisbt 0.19.5
Mantisbt Mantisbt 1.1.6
Mantisbt Mantisbt 1.0.3
Mantisbt Mantisbt 1.0.2
Mantisbt Mantisbt 0.19.0a2
Mantisbt Mantisbt 0.19.0
Mantisbt Mantisbt 1.1.8
Mantisbt Mantisbt 1.2.0
Mantisbt Mantisbt 1.0.7
Mantisbt Mantisbt 1.0.4
Mantisbt Mantisbt 1.0.5
NA
CVE-2010-2802
Cross-site scripting (XSS) vulnerability in MantisBT prior to 1.2.2 allows remote authenticated users to inject arbitrary web script or HTML via an HTML document with a .gif filename extension, related to inline attachments.
Mantisbt Mantisbt 1.1.4
Mantisbt Mantisbt 1.1.5
Mantisbt Mantisbt 1.0.8
Mantisbt Mantisbt 1.1.0
Mantisbt Mantisbt 1.1.1
Mantisbt Mantisbt 1.1.2
Mantisbt Mantisbt 1.0.3
Mantisbt Mantisbt 1.0.2
Mantisbt Mantisbt 1.0.1
Mantisbt Mantisbt 1.0.0
Mantisbt Mantisbt 0.19.3
Mantisbt Mantisbt 0.19.0
Mantisbt Mantisbt 0.19.1
Mantisbt Mantisbt 0.19.2
Mantisbt Mantisbt 1.2.0
Mantisbt Mantisbt 1.1.7
Mantisbt Mantisbt 1.0.6
Mantisbt Mantisbt 1.0.4
Mantisbt Mantisbt 0.19.4
Mantisbt Mantisbt 0.19.0a1
Mantisbt Mantisbt 1.0.0a2
Mantisbt Mantisbt 0.19.5
NA
CVE-2014-9269
Cross-site scripting (XSS) vulnerability in helper_api.php in MantisBT 1.1.0a1 up to and including 1.2.x prior to 1.2.18, when Extended project browser is enabled, allows remote malicious users to inject arbitrary web script or HTML via the project cookie.
Mantisbt Mantisbt 1.1.0
Mantisbt Mantisbt 1.1.4
Mantisbt Mantisbt 1.1.5
Mantisbt Mantisbt 1.2.0
Mantisbt Mantisbt 1.2.4
Mantisbt Mantisbt 1.2.5
Mantisbt Mantisbt 1.2.12
Mantisbt Mantisbt 1.2.13
Mantisbt Mantisbt 1.1.1
Mantisbt Mantisbt 1.1.8
Mantisbt Mantisbt 1.1.9
Mantisbt Mantisbt 1.2.0a2
Mantisbt Mantisbt 1.2.1
Mantisbt Mantisbt 1.2.8
Mantisbt Mantisbt 1.2.9
Mantisbt Mantisbt 1.2.17
Mantisbt Mantisbt 1.1.6
Mantisbt Mantisbt 1.1.7
Mantisbt Mantisbt 1.2.0a1
Mantisbt Mantisbt 1.2.6
Mantisbt Mantisbt 1.2.7
Mantisbt Mantisbt 1.2.14
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4761
command injection
CVE-2024-3676
IDOR
CVE-2024-30039
CVE-2024-32113
CVE-2024-30049
CVE-2024-4776
SQL injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »