CVE-2016-6837
https://notcve.org/view.php?id=CVE-2016-6837
Cross-site scripting (XSS) vulnerability in MantisBT Filter API in MantisBT versions before 1.2.19, and versions 2.0.0-beta1, 1.3.0-beta1 allows remote attackers to inject arbitrary web script or HTML via the 'view_type' parameter. Vulnerabilidad de XSS en MantisBT Filter API en MantisBT en versiones anteriores a 1.2.19 y versiones 2.0.0-beta1, 1.3.0-beta1 permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través del parámetro 'view_type'. • http://www.securityfocus.com/bid/92522 http://www.securitytracker.com/id/1036655 https://github.com/mantisbt/mantisbt/commit/7086c2d8b4b20ac14013b36761ac04f0abf21a4e https://mantisbt.org/bugs/view.php?id=21611 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2015-1042 – Mantis BugTracker 1.2.19 Open Redirect
https://notcve.org/view.php?id=CVE-2015-1042
The string_sanitize_url function in core/string_api.php in MantisBT 1.2.0a3 through 1.2.18 uses an incorrect regular expression, which allows remote attackers to conduct open redirect and phishing attacks via a URL with a ":/" (colon slash) separator in the return parameter to login_page.php, a different vulnerability than CVE-2014-6316. La función string_sanitize_url en core/string_api.php en MantisBT 1.2.0a3 hasta 1.2.18 utiliza una expresión regular incorrecta, lo que permite a atacantes remotos realizar ataques de redirección abierta y phishing a través de una URL con un separador ':/' (dos puntos barra oblicua) en el parámetro return en login_page.php, una vulnerabilidad diferente a CVE-2014-6316. Mantis BugTracker version 1.2.19 suffers from an open redirection vulnerability. • http://packetstormsecurity.com/files/130142/Mantis-BugTracker-1.2.19-Open-Redirect.html http://seclists.org/fulldisclosure/2015/Jan/110 http://www.openwall.com/lists/oss-security/2015/01/10/5 http://www.openwall.com/lists/oss-security/2015/01/11/8 http://www.securitytracker.com/id/1031633 https://www.mantisbt.org/bugs/view.php?id=17997 •
CVE-2014-9571 – MantisBT 1.2.17 XSS / Improper Access Control / SQL Injection
https://notcve.org/view.php?id=CVE-2014-9571
Cross-site scripting (XSS) vulnerability in admin/install.php in MantisBT before 1.2.19 and 1.3.x before 1.3.0-beta.2 allows remote attackers to inject arbitrary web script or HTML via the (1) admin_username or (2) admin_password parameter. Vulnerabilidad de XSS en admin/install.php en MantisBT anterior a 1.2.19 y 1.3.x anterior a 1.3.0-beta.2 permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través del parámetro (1) admin_username o (2) admin_password. MantisBT version 1.2.17 suffers from improper access control, cross site scripting, and remote SQL injection vulnerabilities. • http://seclists.org/oss-sec/2015/q1/156 http://www.securitytracker.com/id/1031633 https://exchange.xforce.ibmcloud.com/vulnerabilities/100209 https://github.com/mantisbt/mantisbt/commit/132cd6d0 https://github.com/mantisbt/mantisbt/commit/6d47c047 https://www.htbridge.com/advisory/HTB23243 https://www.mantisbt.org/bugs/view.php?id=17937 https://www.mantisbt.org/bugs/view.php?id=17938 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2014-9573 – MantisBT 1.2.17 XSS / Improper Access Control / SQL Injection
https://notcve.org/view.php?id=CVE-2014-9573
SQL injection vulnerability in manage_user_page.php in MantisBT before 1.2.19 and 1.3.x before 1.3.0-beta.2 allows remote administrators with FILE privileges to execute arbitrary SQL commands via the MANTIS_MANAGE_USERS_COOKIE cookie. Vulnerabilidad de inyección SQL en manage_user_page.php en MantisBT anterior a 1.2.19 y 1.3.x anterior a 1.3.0-beta.2 permite a administradores remotos con privilegios FILE ejecutar comandos SQL arbitrarios a través de la cookie MANTIS_MANAGE_USERS_COOKIE. MantisBT version 1.2.17 suffers from improper access control, cross site scripting, and remote SQL injection vulnerabilities. • http://seclists.org/oss-sec/2015/q1/157 http://www.securitytracker.com/id/1031633 https://exchange.xforce.ibmcloud.com/vulnerabilities/100210 https://github.com/mantisbt/mantisbt/commit/69c2d28d https://github.com/mantisbt/mantisbt/commit/7cc4539f https://www.htbridge.com/advisory/HTB23243 https://www.mantisbt.org/bugs/view.php?id=17937 https://www.mantisbt.org/bugs/view.php?id=17940 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2014-9572 – MantisBT 1.2.17 XSS / Improper Access Control / SQL Injection
https://notcve.org/view.php?id=CVE-2014-9572
MantisBT before 1.2.19 and 1.3.x before 1.3.0-beta.2 does not properly restrict access to /*/install.php, which allows remote attackers to obtain database credentials via the install parameter with the value 4. MantisBT anterior a 1.2.19 y 1.3.x anterior a 1.3.0-beta.2 no restringe correctamente el acceso a /*/install.php, lo que permite a atacantes remotos obtener credenciales de la base de datos a través del parámetro install con el valor 4. MantisBT version 1.2.17 suffers from improper access control, cross site scripting, and remote SQL injection vulnerabilities. • http://seclists.org/oss-sec/2015/q1/158 http://www.securitytracker.com/id/1031633 https://exchange.xforce.ibmcloud.com/vulnerabilities/100211 https://www.htbridge.com/advisory/HTB23243 https://www.mantisbt.org/bugs/view.php?id=17937 https://www.mantisbt.org/bugs/view.php?id=17939 • CWE-284: Improper Access Control •