Filters

Mantisbt MantisbtThe string_sanitize_url function in core/string_api.php in MantisBT 1.2.0a3 through 1.2.18 uses an i…

medium
5.8
First published (updated )
CVE-2015-1042

Mantisbt MantisbtXSS

low
2.6
First published (updated )
CVE-2014-9269

Mantisbt MantisbtXSS

medium
4.3
First published (updated )
CVE-2014-9272

Mantisbt MantisbtXSS

medium
5.4
First published (updated )
CVE-2014-9271

Mantisbt MantisbtSQL Injection

high
7.5
First published (updated )
CVE-2014-8554

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Mantisbt Mantisbtgpc_api.php in MantisBT 1.2.17 and earlier allows remote attackers to bypass authenticated via a pas…

medium
5
First published (updated )
CVE-2014-6387

Mantisbt MantisbtSQL Injection

high
7.5
First published (updated )
CVE-2014-1609

Mantisbt MantisbtSQL Injection

high
7.5
First published (updated )
CVE-2014-1608

Mantisbt MantisbtXSS

low
3.5
First published (updated )
CVE-2013-4460

Mantisbt Mantisbtcore/email_api.php in MantisBT before 1.2.12 does not properly manage the sending of e-mail notifica…

medium
5.5
First published (updated )
CVE-2012-5523

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Mantisbt MantisbtMantisBT before 1.2.12 does not use an expected default value during decisions about whether a user …

medium
5.5
First published (updated )
CVE-2012-5522

Mantisbt MantisbtMantisBT before 1.2.9 does not properly check permissions, which allows remote authenticated users w…

medium
4.9
First published (updated )
CVE-2012-1121

Mantisbt MantisbtThe mci_check_login function in api/soap/mc_api.php in the SOAP API in MantisBT before 1.2.9 allows …

high
7.5
First published (updated )
CVE-2012-1123

Mantisbt Mantisbtbug_actiongroup.php in MantisBT before 1.2.9 does not properly check the report_bug_threshold permis…

low
3.6
First published (updated )
CVE-2012-1122

Mantisbt MantisbtMantisBT before 1.2.9 does not audit when users copy or clone a bug report, which makes it easier fo…

medium
6.4
First published (updated )
CVE-2012-1119

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Mantisbt MantisbtThe SOAP API in MantisBT before 1.2.9 does not properly enforce the bugnote_allow_user_edit_delete a…

low
3.6
First published (updated )
CVE-2012-1120

Mantisbt MantisbtThe access_has_bug_level function in core/access_api.php in MantisBT before 1.2.9 does not properly …

medium
4.3
First published (updated )
CVE-2012-1118

Mantisbt MantisbtMantisBT before 1.2.11 does not check the delete_attachments_threshold permission when form_security…

low
3.6
First published (updated )
CVE-2012-2692

Mantisbt MantisbtThe mc_issue_note_update function in the SOAP API in MantisBT before 1.2.11 does not properly check …

high
7.5
First published (updated )
CVE-2012-2691

Mantisbt MantisbtXSS

medium
4.3
First published (updated )
CVE-2011-3358

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Mantisbt MantisbtPath Traversal

medium
6.8
First published (updated )
CVE-2011-3357

Mantisbt MantisbtXSS

medium
4.3
First published (updated )
CVE-2011-3578

Mantisbt MantisbtXSS, Path Traversal

medium
4.3
First published (updated )
CVE-2011-3356

Mantisbt MantisbtXSS, SQL Injection

medium
4.3
First published (updated )
CVE-2011-2938

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203