Filter
AND
Versions
0.19.2
10
0.19.0
8
0.19.1
8
0.19.3
8
0.19.4
7
0.17.0
6
0.19.0a1
6
0.19.0a2
6
0.17.1
5
0.17.2
5
0.17.3
5
0.18.0
5
0.19.0_rc1
5
1.0.0
5
1.0.1
5
1.0.2
5
1.0.3
5
1.0.4
5
1.0.5
5
1.1.1
5
1.2.0
5
1.2.0-alpha1
5
1.2.0-alpha2
5
1.2.0-alpha3
5
1.2.0-rc1
5
1.2.0-rc2
5
1.2.1
5
1.2.2
5
1.2.3
5
1.2.4
5
1.2.5
5
1.2.6
5
1.2.7
5
1.2.8
5
0.16.0
4
0.17.4a
4
0.19.0a
4
1.0.0_rc2
4
1.0.0a1
4
1.0.0a2
4
1.0.0a3
4
1.0.6
4
1.0.7
4
1.0.8
4
1.1.0
4
1.1.2
4
1.2.10
4
1.2.17
4
1.2.9
4
0.10
3
0.10.1
3
0.10.2
3
0.11
3
0.11.1
3
0.12
3
0.13
3
0.13.1
3
0.14
3
0.14.1
3
0.14.2
3
0.14.3
3
0.14.4
3
0.14.5
3
0.14.6
3
0.14.7
3
0.14.8
3
0.15
3
0.15.1
3
0.15.10
3
0.15.11
3
0.15.12
3
0.15.2
3
0.15.3
3
0.15.4
3
0.15.5
3
0.15.6
3
0.15.7
3
0.15.8
3
0.15.9
3
0.16
3
0.16.1
3
0.17
3
0.17.4
3
0.18
3
0.18.0_rc1
3
0.18.0a2
3
0.18.0a3
3
0.18.0a4
3
0.18.2
3
0.18.3
3
0.18a1
3
0.19.0-a1
3
0.19.0-a2
3
0.19.0-rc1
3
0.19.5
3
1.0.0-a1
3
1.0.0-a2
3
1.0.0-a3
3
1.0.0-rc1
3
1.0.0-rc2
3
1.0.0-rc3
3
1.0.0-rc4
3
1.0.0-rc5
3
1.0.0_rc4
3
1.0.9
3
1.1.0-a1
3
1.1.0-a2
3
1.1.0-a3
3
1.1.0-a4
3
1.1.0-rc1
3
1.1.0-rc2
3
1.1.0-rc3
3
1.1.3
3
1.1.4
3
1.1.5
3
1.1.6
3
1.1.7
3
1.1.8
3
1.1.9
3
1.2.11
3
1.2.13
3
1.2.14
3
1.2.15
3
0.10.0
2
0.11.0
2
0.12.0
2
0.13.0
2
0.14.0
2
0.15.0
2
0.17.5
2
0.18.0a1
2
0.18.1
2
0.9
2
0.9.1
2
1.0.0_rc1
2
1.0.0_rc3
2
1.2.18
2
0.19
1
0.9.0
1
1.0
1
1.0.0_rc5
1
1.0.0rc1
1
1.0.0rc2
1
1.0.0rc3
1
1.0.0rc4
1
1.1
1
1.1.0a1
1
1.2.0a1
1
1.2.0a2
1
1.2.12
1
1.2.16
1
1.3.0-beta1
1
2.0.0
1
2.3.0
1
composer/mantisbt/mantisbtMantisBT user account takeover in the signup/reset password process
7.3
EPSS
0.04%
First published (updated )
composer/mantisbt/mantisbtMantisBT Host Header Injection vulnerability
8.3
EPSS
0.04%
First published (updated )
MantisBTLack of Neutralization of Formula Elements in the CSV API of MantisBT before 2.25.3 allows an unpriv…
7.8
First published (updated )
MantisBTAn issue was discovered in MantisBT before 2.24.5. It associates a unique cookie string with each us…
8.1
First published (updated )
MantisBTAn issue was discovered in MantisBT before 2.24.4. An incorrect access check in bug_revision_view_pa…
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
MantisBTCAPTCHA bypass vulnerability in MantisBT before 1.2.19.
7.5
First published (updated )
MantisBTMantisBT through 2.3.0 allows arbitrary password reset and unauthenticated admin access via an empty…
8.8
First published (updated )
MantisBTMantisBT before 1.2.19 and 1.3.x before 1.3.0-beta.2 does not properly restrict access to /*/install…
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
MantisBTThe mci_check_login function in api/soap/mc_api.php in the SOAP API in MantisBT before 1.2.9 allows …
7.5
First published (updated )
MantisBTThe mc_issue_note_update function in the SOAP API in MantisBT before 1.2.11 does not properly check …
7.5
First published (updated )
MantisBTMantis before 1.1.3 does not unset the session cookie during logout, which makes it easier for remot…
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
ADOdb LiteDynamic code evaluation vulnerability in tests/tmssql.php test script in ADOdb for PHP before 4.70, …
7.5
First published (updated )
MantisBTMantis before 0.19.4 allows remote attackers to bypass the file upload size restriction by modifying…
7.5
First published (updated )
MantisBTMantis before 0.19.3 caches the User ID longer than necessary, which has unknown impact and attack v…
7.2
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
MantisBTPHP file inclusion vulnerability in bug_sponsorship_list_view_inc.php in Mantis 1.0.0RC2 and 0.19.2 …
7.5
First published (updated )
MantisBTcore/database_api.php in Mantis 0.19.0a1 through 1.0.0a3, with register_globals enabled, allows remo…
7.5
First published (updated )
MantisBTPHP remote file inclusion vulnerability in Mantis 0.19.0a allows remote attackers to execute arbitra…
7.5
First published (updated )
MantisBTsummary_graph_functions.php in Mantis 0.17.3 and earlier allows remote attackers to execute arbitrar…
7.5
First published (updated )
MantisBTThe "View Bugs" page (view_all_bug_page.php) in Mantis 0.17.4a and earlier includes summaries of pri…
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.