Mantis
by Mantisbt
Source repositories
CVEs (51)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2018-6382 | Low | 0.21 | 3.3 | 0.01 | Jan 30, 2018 | MantisBT 2.10.0 allows local users to conduct SQL Injection attacks via the vendor/adodb/adodb-php/server.php sql parameter in a request to the 127.0.0.1 IP address. NOTE: the vendor disputes the significance of this report because server.php is intended to execute arbitrary SQL… | ||
| CVE-2008-4687 | 0.08 | — | 0.67 | Oct 22, 2008 | manage_proj_page.php in Mantis before 1.1.4 allows remote authenticated users to execute arbitrary code via a sort parameter containing PHP sequences, which are processed by create_function within the multi_sort function in core/utility_api.php. | |||
| CVE-2008-3332 | 0.04 | — | 0.09 | Jul 27, 2008 | Eval injection vulnerability in adm_config_set.php in Mantis before 1.1.2 allows remote authenticated administrators to execute arbitrary code via the value parameter. | |||
| CVE-2006-0147 | 0.04 | — | 0.13 | Jan 9, 2006 | Dynamic code evaluation vulnerability in tests/tmssql.php test script in ADOdb for PHP before 4.70, as used in multiple products including (1) Mantis, (2) PostNuke, (3) Moodle, (4) Cacti, (5) Xaraya, (6) PhpOpenChat, possibly (7) MAXdev MD-Pro, and (8) Simplog, allows remote… | |||
| CVE-2006-0146 | 0.04 | — | 0.13 | Jan 9, 2006 | The server.php test script in ADOdb for PHP before 4.70, as used in multiple products including (1) Mantis, (2) PostNuke, (3) Moodle, (4) Cacti, (5) Xaraya, (6) PHPOpenChat, (7) MAXdev MD-Pro, and (8) MediaBeez, when the MySQL root password is empty, allows remote attackers to… | |||
| CVE-2008-3331 | 0.03 | — | 0.04 | Jul 27, 2008 | Cross-site scripting (XSS) vulnerability in return_dynamic_filters.php in Mantis before 1.1.2 allows remote attackers to inject arbitrary web script or HTML via the filter_target parameter. | |||
| CVE-2008-2276 | 0.03 | — | 0.03 | May 16, 2008 | Cross-site request forgery (CSRF) vulnerability in manage_user_create.php in Mantis 1.1.1 allows remote attackers to create new administrative users via a crafted link. | |||
| CVE-2006-0841 | 0.03 | — | 0.05 | Feb 22, 2006 | Multiple cross-site scripting (XSS) vulnerabilities in Mantis 1.00rc4 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) hide_status, (2) handler_id, (3) user_monitor, (4) reporter_id, (5) view_type, (6) show_severity, (7) show_category, (8)… | |||
| CVE-2004-1731 | 0.03 | — | 0.03 | Aug 20, 2004 | signup_page.php in Mantis bugtracker allows remote attackers to send e-mail bombs by creating multiple users and providing the same e-mail address. | |||
| CVE-2002-1113 | 0.03 | — | 0.03 | Oct 4, 2002 | summary_graph_functions.php in Mantis 0.17.3 and earlier allows remote attackers to execute arbitrary PHP code by modifying the g_jpgraph_path parameter to reference the location of the PHP code. | |||
| CVE-2008-4688 | 0.01 | — | 0.12 | Oct 22, 2008 | core/string_api.php in Mantis before 1.1.3 does not check the privileges of the viewer before composing a link with issue data in the source anchor, which allows remote attackers to discover an issue's title and status via a request with a modified issue number. | |||
| CVE-2005-3335 | 0.01 | — | 0.07 | Oct 27, 2005 | PHP file inclusion vulnerability in bug_sponsorship_list_view_inc.php in Mantis 1.0.0RC2 and 0.19.2 allows remote attackers to execute arbitrary PHP code and include arbitrary local files via the t_core_path parameter. | |||
| CVE-2013-1811 | 0.00 | — | 0.01 | Nov 7, 2019 | An access control issue in MantisBT before 1.2.13 allows users with "Reporter" permissions to change any issue to "New". | |||
| CVE-2018-6526 | Med | 0.00 | 5.3 | 0.04 | Feb 2, 2018 | view_all_bug_page.php in MantisBT 2.10.0-development before 2018-02-02 allows remote attackers to discover the full path via an invalid filter parameter, related to a filter_ensure_valid_filter call in current_user_api.php. | ||
| CVE-2008-4689 | 0.00 | — | 0.02 | Oct 22, 2008 | Mantis before 1.1.3 does not unset the session cookie during logout, which makes it easier for remote attackers to hijack sessions. | |||
| CVE-2008-3102 | 0.00 | — | 0.02 | Sep 24, 2008 | Mantis 1.1.x through 1.1.2 and 1.2.x through 1.2.0a2 does not set the secure flag for the session cookie in an https session, which can cause the cookie to be sent in http requests and make it easier for remote attackers to capture this cookie. | |||
| CVE-2008-3333 | 0.00 | — | 0.02 | Jul 27, 2008 | Directory traversal vulnerability in core/lang_api.php in Mantis before 1.1.2 allows remote attackers to include and execute arbitrary files via the language parameter to the user preferences page (account_prefs_update.php). | |||
| CVE-2008-0404 | 0.00 | — | 0.02 | Jan 23, 2008 | Cross-site scripting (XSS) vulnerability in Mantis before 1.1.1 allows remote attackers to inject arbitrary web script or HTML via vectors related to the "Most active bugs" summary. | |||
| CVE-2007-6611 | 0.00 | — | 0.02 | Jan 3, 2008 | Cross-site scripting (XSS) vulnerability in view.php in Mantis before 1.1.0 allows remote attackers to inject arbitrary web script or HTML via a filename, related to bug_report.php. | |||
| CVE-2006-6574 | 0.00 | — | 0.02 | Dec 15, 2006 | Mantis before 1.1.0a2 does not implement per-item access control for Issue History (Bug History), which allows remote attackers to obtain sensitive information by reading the Change column, as demonstrated by the Change column of a custom field. |
- risk 0.21cvss 3.3epss 0.01
MantisBT 2.10.0 allows local users to conduct SQL Injection attacks via the vendor/adodb/adodb-php/server.php sql parameter in a request to the 127.0.0.1 IP address. NOTE: the vendor disputes the significance of this report because server.php is intended to execute arbitrary SQL…
- CVE-2008-4687Oct 22, 2008risk 0.08cvss —epss 0.67
manage_proj_page.php in Mantis before 1.1.4 allows remote authenticated users to execute arbitrary code via a sort parameter containing PHP sequences, which are processed by create_function within the multi_sort function in core/utility_api.php.
- CVE-2008-3332Jul 27, 2008risk 0.04cvss —epss 0.09
Eval injection vulnerability in adm_config_set.php in Mantis before 1.1.2 allows remote authenticated administrators to execute arbitrary code via the value parameter.
- CVE-2006-0147Jan 9, 2006risk 0.04cvss —epss 0.13
Dynamic code evaluation vulnerability in tests/tmssql.php test script in ADOdb for PHP before 4.70, as used in multiple products including (1) Mantis, (2) PostNuke, (3) Moodle, (4) Cacti, (5) Xaraya, (6) PhpOpenChat, possibly (7) MAXdev MD-Pro, and (8) Simplog, allows remote…
- CVE-2006-0146Jan 9, 2006risk 0.04cvss —epss 0.13
The server.php test script in ADOdb for PHP before 4.70, as used in multiple products including (1) Mantis, (2) PostNuke, (3) Moodle, (4) Cacti, (5) Xaraya, (6) PHPOpenChat, (7) MAXdev MD-Pro, and (8) MediaBeez, when the MySQL root password is empty, allows remote attackers to…
- CVE-2008-3331Jul 27, 2008risk 0.03cvss —epss 0.04
Cross-site scripting (XSS) vulnerability in return_dynamic_filters.php in Mantis before 1.1.2 allows remote attackers to inject arbitrary web script or HTML via the filter_target parameter.
- CVE-2008-2276May 16, 2008risk 0.03cvss —epss 0.03
Cross-site request forgery (CSRF) vulnerability in manage_user_create.php in Mantis 1.1.1 allows remote attackers to create new administrative users via a crafted link.
- CVE-2006-0841Feb 22, 2006risk 0.03cvss —epss 0.05
Multiple cross-site scripting (XSS) vulnerabilities in Mantis 1.00rc4 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) hide_status, (2) handler_id, (3) user_monitor, (4) reporter_id, (5) view_type, (6) show_severity, (7) show_category, (8)…
- CVE-2004-1731Aug 20, 2004risk 0.03cvss —epss 0.03
signup_page.php in Mantis bugtracker allows remote attackers to send e-mail bombs by creating multiple users and providing the same e-mail address.
- CVE-2002-1113Oct 4, 2002risk 0.03cvss —epss 0.03
summary_graph_functions.php in Mantis 0.17.3 and earlier allows remote attackers to execute arbitrary PHP code by modifying the g_jpgraph_path parameter to reference the location of the PHP code.
- CVE-2008-4688Oct 22, 2008risk 0.01cvss —epss 0.12
core/string_api.php in Mantis before 1.1.3 does not check the privileges of the viewer before composing a link with issue data in the source anchor, which allows remote attackers to discover an issue's title and status via a request with a modified issue number.
- CVE-2005-3335Oct 27, 2005risk 0.01cvss —epss 0.07
PHP file inclusion vulnerability in bug_sponsorship_list_view_inc.php in Mantis 1.0.0RC2 and 0.19.2 allows remote attackers to execute arbitrary PHP code and include arbitrary local files via the t_core_path parameter.
- CVE-2013-1811Nov 7, 2019risk 0.00cvss —epss 0.01
An access control issue in MantisBT before 1.2.13 allows users with "Reporter" permissions to change any issue to "New".
- risk 0.00cvss 5.3epss 0.04
view_all_bug_page.php in MantisBT 2.10.0-development before 2018-02-02 allows remote attackers to discover the full path via an invalid filter parameter, related to a filter_ensure_valid_filter call in current_user_api.php.
- CVE-2008-4689Oct 22, 2008risk 0.00cvss —epss 0.02
Mantis before 1.1.3 does not unset the session cookie during logout, which makes it easier for remote attackers to hijack sessions.
- CVE-2008-3102Sep 24, 2008risk 0.00cvss —epss 0.02
Mantis 1.1.x through 1.1.2 and 1.2.x through 1.2.0a2 does not set the secure flag for the session cookie in an https session, which can cause the cookie to be sent in http requests and make it easier for remote attackers to capture this cookie.
- CVE-2008-3333Jul 27, 2008risk 0.00cvss —epss 0.02
Directory traversal vulnerability in core/lang_api.php in Mantis before 1.1.2 allows remote attackers to include and execute arbitrary files via the language parameter to the user preferences page (account_prefs_update.php).
- CVE-2008-0404Jan 23, 2008risk 0.00cvss —epss 0.02
Cross-site scripting (XSS) vulnerability in Mantis before 1.1.1 allows remote attackers to inject arbitrary web script or HTML via vectors related to the "Most active bugs" summary.
- CVE-2007-6611Jan 3, 2008risk 0.00cvss —epss 0.02
Cross-site scripting (XSS) vulnerability in view.php in Mantis before 1.1.0 allows remote attackers to inject arbitrary web script or HTML via a filename, related to bug_report.php.
- CVE-2006-6574Dec 15, 2006risk 0.00cvss —epss 0.02
Mantis before 1.1.0a2 does not implement per-item access control for Issue History (Bug History), which allows remote attackers to obtain sensitive information by reading the Change column, as demonstrated by the Change column of a custom field.
Page 1 of 3