Filter
AND
MantisBTUnspecified vulnerability in (1) query_store.php and (2) manage_proj_create.php in Mantis before 1.0…
10
First published (updated )
MantisBTcore/database_api.php in Mantis 0.19.0a1 through 1.0.0a3, with register_globals enabled, allows remo…
7.5
First published (updated )
MantisBTMantis before 0.19.4 allows remote attackers to bypass the file upload size restriction by modifying…
7.5
First published (updated )
MantisBTThe mc_issue_note_update function in the SOAP API in MantisBT before 1.2.11 does not properly check …
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
MantisBTThe mci_check_login function in api/soap/mc_api.php in the SOAP API in MantisBT before 1.2.9 allows …
7.5
First published (updated )
MantisBTMantis before 0.19.3 caches the User ID longer than necessary, which has unknown impact and attack v…
7.2
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
MantisBTMantisBT before 1.2.9 does not audit when users copy or clone a bug report, which makes it easier fo…
6.4
First published (updated )
MantisBTcore/email_api.php in MantisBT before 1.2.12 does not properly manage the sending of e-mail notifica…
5.5
First published (updated )
MantisBTMantisBT before 1.2.12 does not use an expected default value during decisions about whether a user …
5.5
First published (updated )
MantisBTUnspecified vulnerability in Mantis before 0.19.3, when using reminders, causes Mantis to display th…
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
MantisBTMantis 1.0.0rc3 and earlier discloses private bugs via public RSS feeds, which allows remote attacke…
First published (updated )
MantisBTmanage_user_page.php in Mantis 1.00rc4 and earlier does not properly handle a sort parameter contain…
First published (updated )
MantisBTMantisBT before 1.2.9 does not properly check permissions, which allows remote authenticated users w…
4.9
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
MantisBTThe access_has_bug_level function in core/access_api.php in MantisBT before 1.2.9 does not properly …
4.3
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.