CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2014-9624
https://notcve.org/view.php?id=CVE-2014-9624
12 Sep 2017 — CAPTCHA bypass vulnerability in MantisBT before 1.2.19. Existe una vulnerabilidad de omisión de CAPTCHA en MantisBT en versiones anteriores a la 1.2.19. • http://www.openwall.com/lists/oss-security/2015/01/18/11 • CWE-287: Improper Authentication •
CVSS: 6.1EPSS: 0%CPEs: 7EXPL: 0CVE-2015-2046
https://notcve.org/view.php?id=CVE-2015-2046
28 Aug 2017 — Cross-site scripting (XSS) vulnerability in MantisBT 1.2.13 and later before 1.2.20. Existe una vulnerabilidad de tipo Cross-Site Scripting (XSS) en MantisBT 1.2.13 y posteriores antes de la 1.2.20. • http://www.openwall.com/lists/oss-security/2015/02/21/1 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2014-9701
https://notcve.org/view.php?id=CVE-2014-9701
09 Aug 2017 — Cross-site scripting (XSS) vulnerability in MantisBT before 1.2.19 and 1.3.x before 1.3.0-beta.2 allows remote attackers to inject arbitrary web script or HTML via the url parameter to permalink_page.php. Una vulnerabilidad de tipo cross-site scripting (XSS) en MantisBT en versiones anteriores a la 1.2.19 y en versiones 1.3.x anteriores a la 1.3.0-beta.2 permite que atacantes remotos inyecten scripts web o HTML mediante el parámetro url a permalink_page.php. • http://www.openwall.com/lists/oss-security/2015/03/15/2 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.9EPSS: 1%CPEs: 3EXPL: 0CVE-2017-12419
https://notcve.org/view.php?id=CVE-2017-12419
05 Aug 2017 — If, after successful installation of MantisBT through 2.5.2 on MySQL/MariaDB, the administrator does not remove the 'admin' directory (as recommended in the "Post-installation and upgrade tasks" section of the MantisBT Admin Guide), and the MySQL client has a local_infile setting enabled (in php.ini mysqli.allow_local_infile, or the MySQL client config file, depending on the PHP setup), an attacker may take advantage of MySQL's "connect file read" feature to remotely access files on the MantisBT server. Si ... • http://openwall.com/lists/oss-security/2017/08/04/6 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.1EPSS: 1%CPEs: 2EXPL: 0CVE-2017-12061
https://notcve.org/view.php?id=CVE-2017-12061
01 Aug 2017 — An XSS issue was discovered in admin/install.php in MantisBT before 1.3.12 and 2.x before 2.5.2. Some variables under user control in the MantisBT installation script are not properly sanitized before being output, allowing remote attackers to inject arbitrary JavaScript code, as demonstrated by the $f_database, $f_db_username, and $f_admin_username variables. This is mitigated by the fact that the admin/ folder should be deleted after installation, and also prevented by CSP. Se detectó una vulnerabilidad d... • http://openwall.com/lists/oss-security/2017/08/01/1 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 18EXPL: 1CVE-2017-12062
https://notcve.org/view.php?id=CVE-2017-12062
01 Aug 2017 — An XSS issue was discovered in manage_user_page.php in MantisBT 2.x before 2.5.2. The 'filter' field is not sanitized before being rendered in the Manage User page, allowing remote attackers to execute arbitrary JavaScript code if CSP is disabled. Se detectó una vulnerabilidad de tipo Cross-Site Scripting (XSS) en manage_user_page.php en MantisBT en sus versiones 2.X anteriores a la 2.5.2. El campo "filter" no se sanitiza antes de que se renderice en la página Manage User, permitiendo a los atacantes remoto... • http://openwall.com/lists/oss-security/2017/08/01/1 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2015-5059
https://notcve.org/view.php?id=CVE-2015-5059
01 Aug 2017 — The "Project Documentation" feature in MantisBT 1.2.19 and earlier, when the threshold to access files ($g_view_proj_doc_threshold) is set to ANYBODY, allows remote authenticated users to download attachments linked to arbitrary private projects via a file id number in the file_id parameter to file_download.php. En caso de que el nivel de permiso para acceder a los archivos ($g_view_proj_doc_threshold) se establezca en ANYBODY, la característica "Project Documentation" en las versiones 1.2.19 y anteriores d... • http://lists.fedoraproject.org/pipermail/package-announce/2015-August/163191.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.5EPSS: 0%CPEs: 11EXPL: 3CVE-2017-7620 – Mantis Bug Tracker 1.3.10/2.3.0 - Cross-Site Request Forgery
https://notcve.org/view.php?id=CVE-2017-7620
21 May 2017 — MantisBT before 1.3.11, 2.x before 2.3.3, and 2.4.x before 2.4.1 omits a backslash check in string_api.php and consequently has conflicting interpretations of an initial \/ substring as introducing either a local pathname or a remote hostname, which leads to (1) arbitrary Permalink Injection via CSRF attacks on a permalink_page.php?url= URI and (2) an open redirect via a login_page.php?return= URI. MantisBT antes de v1.3.11, 2.x antes de v2.3.3 y 2.4.x antes de v2.4.1 omite una verificación de barra inverti... • https://packetstorm.news/files/id/142617 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 2CVE-2017-7897
https://notcve.org/view.php?id=CVE-2017-7897
18 Apr 2017 — A cross-site scripting (XSS) vulnerability in the MantisBT (2.3.x before 2.3.2) Timeline include page, used in My View (my_view_page.php) and User Information (view_user_page.php) pages, allows remote attackers to inject arbitrary code (if CSP settings permit it) through crafted PATH_INFO in a URL, due to use of unsanitized $_SERVER['PHP_SELF'] to generate URLs. Una vulnerabilidad XSS en el MantisBT (2.3.x en versiones anteriores a 2.3.2) Timeline incluye página, utilizada en My View (my_view_page.php) y pá... • http://www.mantisbt.org/bugs/view.php?id=22742 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.8EPSS: 92%CPEs: 1EXPL: 7CVE-2017-7615 – Mantis Bug Tracker 2.3.0 - Remote Code Execution (Unauthenticated)
https://notcve.org/view.php?id=CVE-2017-7615
16 Apr 2017 — MantisBT through 2.3.0 allows arbitrary password reset and unauthenticated admin access via an empty confirm_hash value to verify.php. MantisBT hasta la versión 2.3.0 permite reinicio de contraseña arbitrario y acceso de administrador no autenticado a través de un valor confirm_hash vacío para verify.php Mantis Bug Tracker versions 1.3.0 and 2.3.0 suffer from a pre-authentication remote password reset vulnerability. • https://packetstorm.news/files/id/180854 • CWE-640: Weak Password Recovery Mechanism for Forgotten Password •