Vulnerabilities (CVE)

Filtered by vendor Mantisbt Subscribe
Total 108 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-12419 3 Mantisbt, Mariadb, Mysql 3 Mantisbt, Mariadb, Mysql 2017-08-09 4.0 MEDIUM 4.9 MEDIUM
If, after successful installation of MantisBT through 2.5.2 on MySQL/MariaDB, the administrator does not remove the 'admin' directory (as recommended in the "Post-installation and upgrade tasks" section of the MantisBT Admin Guide), and the MySQL client has a local_infile setting enabled (in php.ini mysqli.allow_local_infile, or the MySQL client config file, depending on the PHP setup), an attacker may take advantage of MySQL's "connect file read" feature to remotely access files on the MantisBT server.
CVE-2015-5059 1 Mantisbt 1 Mantisbt 2017-08-07 3.5 LOW 5.3 MEDIUM
The "Project Documentation" feature in MantisBT 1.2.19 and earlier, when the threshold to access files ($g_view_proj_doc_threshold) is set to ANYBODY, allows remote authenticated users to download attachments linked to arbitrary private projects via a file id number in the file_id parameter to file_download.php.
CVE-2017-7241 1 Mantisbt 1 Mantisbt 2017-07-12 3.5 LOW 4.8 MEDIUM
A cross-site scripting (XSS) vulnerability in the MantisBT Move Attachments page (move_attachments_page.php, part of admin tools) allows remote attackers to inject arbitrary code through a crafted 'type' parameter, if Content Security Protection (CSP) settings allows it. This is fixed in 1.3.9, 2.1.3, and 2.2.3. Note that this vulnerability is not exploitable if the admin tools directory is removed, as recommended in the "Post-installation and upgrade tasks" of the MantisBT Admin Guide. A reminder to do so is also displayed on the login page.
CVE-2017-7309 1 Mantisbt 1 Mantisbt 2017-07-12 3.5 LOW 4.8 MEDIUM
A cross-site scripting (XSS) vulnerability in the MantisBT Configuration Report page (adm_config_report.php) allows remote attackers to inject arbitrary code (if CSP settings permit it) through a crafted 'config_option' parameter. This is fixed in 1.3.9, 2.1.3, and 2.2.3.
CVE-2017-6973 1 Mantisbt 1 Mantisbt 2017-07-12 3.5 LOW 4.8 MEDIUM
A cross-site scripting (XSS) vulnerability in the MantisBT Configuration Report page (adm_config_report.php) allows remote attackers to inject arbitrary code through a crafted 'action' parameter. This is fixed in 1.3.8, 2.1.2, and 2.2.2.
CVE-2017-7897 1 Mantisbt 1 Mantisbt 2017-07-11 4.3 MEDIUM 6.1 MEDIUM
A cross-site scripting (XSS) vulnerability in the MantisBT (2.3.x before 2.3.2) Timeline include page, used in My View (my_view_page.php) and User Information (view_user_page.php) pages, allows remote attackers to inject arbitrary code (if CSP settings permit it) through crafted PATH_INFO in a URL, due to use of unsanitized $_SERVER['PHP_SELF'] to generate URLs.
CVE-2017-7620 1 Mantisbt 1 Mantisbt 2017-07-08 4.3 MEDIUM 6.5 MEDIUM
MantisBT before 1.3.11, 2.x before 2.3.3, and 2.4.x before 2.4.1 omits a backslash check in string_api.php and consequently has conflicting interpretations of an initial \/ substring as introducing either a local pathname or a remote hostname, which leads to (1) arbitrary Permalink Injection via CSRF attacks on a permalink_page.php?url= URI and (2) an open redirect via a login_page.php?return= URI.
CVE-2017-7222 1 Mantisbt 1 Mantisbt 2017-03-23 4.3 MEDIUM 6.1 MEDIUM
A cross-site scripting (XSS) vulnerability in MantisBT before 2.1.1 allows remote attackers to inject arbitrary HTML or JavaScript (if MantisBT's CSP settings permit it) by modifying 'window_title' in the application configuration. This requires privileged access to MantisBT configuration management pages (i.e., administrator access rights) or altering the system configuration file (config_inc.php).
CVE-2016-7111 1 Mantisbt 1 Mantisbt 2017-02-22 2.6 LOW 4.7 MEDIUM
MantisBT before 1.3.1 and 2.x before 2.0.0-beta.2 uses a weak Content Security Policy when using the Gravatar plugin, which allows remote attackers to conduct cross-site scripting (XSS) attacks via unspecified vectors.
CVE-2016-5364 1 Mantisbt 1 Mantisbt 2017-02-22 4.3 MEDIUM 6.1 MEDIUM
Cross-site scripting (XSS) vulnerability in manage_custom_field_edit_page.php in MantisBT 1.2.19 and earlier allows remote attackers to inject arbitrary web script or HTML via the return parameter.
CVE-2016-6837 1 Mantisbt 1 Mantisbt 2017-01-11 4.3 MEDIUM 6.1 MEDIUM
Cross-site scripting (XSS) vulnerability in MantisBT Filter API in MantisBT versions before 1.2.19, and versions 2.0.0-beta1, 1.3.0-beta1 allows remote attackers to inject arbitrary web script or HTML via the 'view_type' parameter.
CVE-2014-9089 2 Debian, Mantisbt 2 Debian Linux, Mantisbt 2017-01-03 7.5 HIGH N/A
Multiple SQL injection vulnerabilities in view_all_bug_page.php in MantisBT before 1.2.18 allow remote attackers to execute arbitrary SQL commands via the (1) sort or (2) dir parameter to view_all_set.php.
CVE-2014-9506 1 Mantisbt 1 Mantisbt 2017-01-03 3.5 LOW N/A
MantisBT before 1.2.18 does not properly check permissions when sending an email that indicates when a monitored issue is related to another issue, which allows remote authenticated users to obtain sensitive information about restricted issues.
CVE-2014-9388 1 Mantisbt 1 Mantisbt 2017-01-03 5.0 MEDIUM N/A
bug_report.php in MantisBT before 1.2.18 allows remote attackers to assign arbitrary issues via the handler_id parameter.
CVE-2014-8986 1 Mantisbt 1 Mantisbt 2017-01-03 3.5 LOW N/A
Cross-site scripting (XSS) vulnerability in the selection list in the filters in the Configuration Report page (adm_config_report.php) in MantisBT 1.2.13 through 1.2.17 allows remote administrators to inject arbitrary web script or HTML via a crafted config option, a different vulnerability than CVE-2014-8987.
CVE-2014-9759 1 Mantisbt 1 Mantisbt 2016-12-03 5.0 MEDIUM 5.3 MEDIUM
Incomplete blacklist vulnerability in the config_is_private function in config_api.php in MantisBT 1.3.x before 1.3.0 allows remote attackers to obtain sensitive master salt configuration information via a SOAP API request.
CVE-2014-8987 1 Mantisbt 1 Mantisbt 2015-08-25 3.5 LOW N/A
Cross-site scripting (XSS) vulnerability in the "set configuration" box in the Configuration Report page (adm_config_report.php) in MantisBT 1.2.13 through 1.2.17 allows remote administrators to inject arbitrary web script or HTML via the config_option parameter, a different vulnerability than CVE-2014-8986.
CVE-2013-1810 1 Mantisbt 1 Mantisbt 2014-05-16 2.1 LOW N/A
Multiple cross-site scripting (XSS) vulnerabilities in core/summary_api.php in MantisBT 1.2.12 allow remote authenticated users with manager or administrator permissions to inject arbitrary web script or HTML via a (1) category name in the summary_print_by_category function or (2) project name in the summary_print_by_project function.
CVE-2013-0197 1 Mantisbt 1 Mantisbt 2014-05-16 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in the filter_draw_selection_area2 function in core/filter_api.php in MantisBT 1.2.12 before 1.2.13 allows remote attackers to inject arbitrary web script or HTML via the match_type parameter to bugs/search.php.
CVE-2012-1118 1 Mantisbt 1 Mantisbt 2013-08-27 4.3 MEDIUM N/A
The access_has_bug_level function in core/access_api.php in MantisBT before 1.2.9 does not properly restrict access when the private_bug_view_threshold is set to an array, which allows remote attackers to bypass intended restrictions and perform certain operations on private bug reports.