Page 5 of 41 results (0.003 seconds)
CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 3
CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 3CVE-2014-9571 – MantisBT 1.2.17 XSS / Improper Access Control / SQL Injection
https://notcve.org/view.php?id=CVE-2014-9571
26 Jan 2015 — Cross-site scripting (XSS) vulnerability in admin/install.php in MantisBT before 1.2.19 and 1.3.x before 1.3.0-beta.2 allows remote attackers to inject arbitrary web script or HTML via the (1) admin_username or (2) admin_password parameter. Vulnerabilidad de XSS en admin/install.php en MantisBT anterior a 1.2.19 y 1.3.x anterior a 1.3.0-beta.2 permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través del parámetro (1) admin_username o (2) admin_password. MantisBT version 1.... • https://packetstorm.news/files/id/130173 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •