Vulnerabilities (CVE)

Filtered by vendor Mantisbt Subscribe
Total 108 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2014-9279 1 Mantisbt 1 Mantisbt 2021-01-12 5.0 MEDIUM N/A
The print_test_result function in admin/upgrade_unattended.php in MantisBT 1.1.0a3 through 1.2.x before 1.2.18 allows remote attackers to obtain database credentials via a URL in the hostname parameter and reading the parameters in the response sent to the URL.
CVE-2012-5523 1 Mantisbt 1 Mantisbt 2021-01-12 5.5 MEDIUM N/A
core/email_api.php in MantisBT before 1.2.12 does not properly manage the sending of e-mail notifications about restricted bugs, which might allow remote authenticated users to obtain sensitive information by adding a note to a bug before losing permission to view that bug.
CVE-2012-2692 1 Mantisbt 1 Mantisbt 2021-01-12 3.6 LOW N/A
MantisBT before 1.2.11 does not check the delete_attachments_threshold permission when form_security_validation is set to OFF, which allows remote authenticated users with certain privileges to bypass intended access restrictions and delete arbitrary attachments.
CVE-2013-4460 1 Mantisbt 1 Mantisbt 2021-01-12 3.5 LOW N/A
Cross-site scripting (XSS) vulnerability in account_sponsor_page.php in MantisBT 1.0.0 through 1.2.15 allows remote authenticated users to inject arbitrary web script or HTML via a project name.
CVE-2015-1042 1 Mantisbt 1 Mantisbt 2021-01-12 5.8 MEDIUM N/A
The string_sanitize_url function in core/string_api.php in MantisBT 1.2.0a3 through 1.2.18 uses an incorrect regular expression, which allows remote attackers to conduct open redirect and phishing attacks via a URL with a ":/" (colon slash) separator in the return parameter to login_page.php, a different vulnerability than CVE-2014-6316.
CVE-2012-1120 1 Mantisbt 1 Mantisbt 2021-01-12 3.6 LOW N/A
The SOAP API in MantisBT before 1.2.9 does not properly enforce the bugnote_allow_user_edit_delete and delete_bug_threshold permissions, which allows remote authenticated users with read and write SOAP API privileges to delete arbitrary bug reports and bug notes.
CVE-2012-2691 1 Mantisbt 1 Mantisbt 2021-01-12 7.5 HIGH N/A
The mc_issue_note_update function in the SOAP API in MantisBT before 1.2.11 does not properly check privileges, which allows remote attackers with bug reporting privileges to edit arbitrary bugnotes via a SOAP request.
CVE-2014-9270 1 Mantisbt 1 Mantisbt 2021-01-12 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in the projax_array_serialize_for_autocomplete function in core/projax_api.php in MantisBT 1.1.0a3 through 1.2.17 allows remote attackers to inject arbitrary web script or HTML via the "profile/Platform" field.
CVE-2012-1121 1 Mantisbt 1 Mantisbt 2021-01-12 4.9 MEDIUM N/A
MantisBT before 1.2.9 does not properly check permissions, which allows remote authenticated users with manager privileges to (1) modify or (2) delete global categories.
CVE-2020-28413 1 Mantisbt 1 Mantisbt 2021-01-05 4.0 MEDIUM 6.5 MEDIUM
In MantisBT 2.24.3, SQL Injection can occur in the parameter "access" of the mc_project_get_users function through the API SOAP.
CVE-2020-25830 1 Mantisbt 1 Mantisbt 2020-10-13 3.5 LOW 4.8 MEDIUM
An issue was discovered in MantisBT before 2.24.3. Improper escaping of a custom field's name allows an attacker to inject HTML and, if CSP settings permit, achieve execution of arbitrary JavaScript when attempting to update said custom field via bug_actiongroup_page.php.
CVE-2020-25288 1 Mantisbt 1 Mantisbt 2020-10-13 3.5 LOW 4.8 MEDIUM
An issue was discovered in MantisBT before 2.24.3. When editing an Issue in a Project where a Custom Field with a crafted Regular Expression property is used, improper escaping of the corresponding form input's pattern attribute allows HTML injection and, if CSP settings permit, execution of arbitrary JavaScript.
CVE-2019-15715 1 Mantisbt 1 Mantisbt 2020-09-18 6.5 MEDIUM 7.2 HIGH
MantisBT before 1.3.20 and 2.22.1 allows Post Authentication Command Injection, leading to Remote Code Execution.
CVE-2017-7615 1 Mantisbt 1 Mantisbt 2020-09-18 6.5 MEDIUM 8.8 HIGH
MantisBT through 2.3.0 allows arbitrary password reset and unauthenticated admin access via an empty confirm_hash value to verify.php.
CVE-2020-16266 1 Mantisbt 1 Mantisbt 2020-08-17 3.5 LOW 5.4 MEDIUM
An XSS issue was discovered in MantisBT before 2.24.2. Improper escaping on view_all_bug_page.php allows a remote attacker to inject arbitrary HTML into the page by saving it into a text Custom Field, leading to possible code execution in the browser of any user subsequently viewing the issue (if CSP settings allow it).
CVE-2019-15539 1 Mantisbt 1 Mantisbt 2020-03-24 4.3 MEDIUM 6.1 MEDIUM
The proj_doc_edit_page.php Project Documentation feature in MantisBT before 2.21.3 has a stored cross-site scripting (XSS) vulnerability, allowing execution of arbitrary code (if CSP settings permit it) after uploading an attachment with a crafted filename. The code is executed when editing the document's page.
CVE-2018-16362 1 Mantisbt 1 Source Integration 2020-02-20 4.3 MEDIUM 6.1 MEDIUM
An issue was discovered in the Source Integration plugin before 1.5.9 and 2.x before 2.1.5 for MantisBT. A cross-site scripting (XSS) vulnerability in the Manage Repository and Changesets List pages allows execution of arbitrary code (if CSP settings permit it) via repo_manage_page.php or list.php.
CVE-2020-8981 1 Mantisbt 1 Source Integration 2020-02-19 4.3 MEDIUM 6.1 MEDIUM
A cross-site scripting (XSS) vulnerability was discovered in the Source Integration plugin before 1.6.2 and 2.x before 2.3.1 for MantisBT. The repo_delete.php Delete Repository page allows execution of arbitrary code via a repo name (if CSP settings permit it). This is related to CVE-2018-16362.
CVE-2009-2802 1 Mantisbt 1 Mantisbt 2019-11-12 4.3 MEDIUM 6.1 MEDIUM
MantisBT 1.2.x before 1.2.2 insecurely handles attachments and MIME types. Arbitrary inline attachment rendering could lead to cross-domain scripting or other browser attacks.
CVE-2013-1811 2 Debian, Mantisbt 2 Debian Linux, Mantisbt 2019-11-09 4.0 MEDIUM 4.3 MEDIUM
An access control issue in MantisBT before 1.2.13 allows users with "Reporter" permissions to change any issue to "New".