
CVSS: 6.5 | EPSS: 1% | CPEs: 95 | EXPL: 1

Eval injection vulnerability in adm_config_set.php in Mantis before 1.1.2 allows remote authenticated administrators to execute arbitrary code via the value parameter.

• https://www.exploit-db.com/exploits/5657
  http://marc.info/?l=bugtraq&m=121130774617956&w=4
  http://secunia.com/advisories/30270
  http://secunia.com/advisories/31972
  http://securityreason.com/securityalert/4044
  http://www.gentoo.org/security/en/glsa/glsa-200809-10.xml
  http://www.mantisbt.org/bugs/changelog_page.php
  http://www.securityfocus.com/bid/29297
  http://www.vupen.com/english/advisories/2008/1598/references
  https://exchange.xforce.ibmcloud.com/vulnerabilities/42550
• CWE-94: Improper Control of Generation of Code ('Code Injection')

CVSS: 4.3 | EPSS: 5% | CPEs: 73 | EXPL: 0

Cross-site scripting (XSS) vulnerability in Mantis before 1.1.1 allows remote attackers to inject arbitrary web script or HTML via vectors related to the "Most active bugs" summary.

• http://secunia.com/advisories/28577
  http://secunia.com/advisories/28591
  http://sourceforge.net/project/shownotes.php?release_id=569765
  http://www.securityfocus.com/bid/27367
  http://www.vupen.com/english/advisories/2008/0232
  https://bugzilla.redhat.com/show_bug.cgi?id=429552
  https://exchange.xforce.ibmcloud.com/vulnerabilities/39801
  https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00676.html
  https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00734.html
• CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSS: 4.3 | EPSS: 5% | CPEs: 1 | EXPL: 0

Cross-site scripting (XSS) vulnerability in view.php in Mantis before 1.1.0 allows remote attackers to inject arbitrary web script or HTML via a filename, related to bug_report.php.

• http://osvdb.org/39873
  http://secunia.com/advisories/28185
  http://secunia.com/advisories/28352
  http://secunia.com/advisories/28551
  http://secunia.com/advisories/29198
  http://security.gentoo.org/glsa/glsa-200803-04.xml
  http://sourceforge.net/project/shownotes.php?release_id=562940
  http://www.debian.org/security/2008/dsa-1467
  http://www.mantisbt.org/bugs/view.php?id=8679
  http://www.securityfocus.com/bid/27045
  https://bugzilla.redhat.com/show_bug.cgi?id=427277
  https:&
• CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSS: 5.0 | EPSS: 0% | CPEs: 16 | EXPL: 0

Mantis before 1.1.0a2 does not implement per-item access control for Issue History (Bug History), which allows remote attackers to obtain sensitive information by reading the Change column, as demonstrated by the Change column of a custom field.

• http://bugs.mantisbugtracker.com/view.php?id=3375
  http://bugs.mantisbugtracker.com/view.php?id=7364
  http://mantisbt.cvs.sourceforge.net/mantisbt/mantisbt/core/history_api.php?r1=1.34&r2=1.35
  http://mantisbt.cvs.sourceforge.net/mantisbt/mantisbt/core/history_api.php?view=log
  http://secunia.com/advisories/23258
  http://secunia.com/advisories/28551
  http://sourceforge.net/project/shownotes.php?

CVSS: 10.0 | EPSS: 0% | CPEs: 16 | EXPL: 0

Mantis before 1.1.0a2 sets the default value of $g_bug_reminder_threshold to "reporter" instead of a more privileged role, which has unknown impact and attack vectors, possibly related to frequency of reminders.

• http://sourceforge.net/project/shownotes.php?release_id=469627
  http://www.mantisbugtracker.com/changelog.php