
9 matches found

EUVD
added 2025/10/07 12:30 a.m., 1 views

EUVD-2017-16336

Malware in sbrugna...

CVSS 4.8, AI score 4.9, EPSS 0.02475
Exploits: 1, References: 10
Github Security Blog
added 2022/05/17 2:30 a.m., 3 views

MantisBT vulnerable to XSS through config_option parameter in adm_config_report.php

A cross-site scripting (XSS) vulnerability in the MantisBT Configuration Report page (adm_config_report.php) allows remote attackers to inject arbitrary code (if CSP settings permit it) through a crafted 'config_option' parameter. This is fixed in 1.3.9, 2.1.3, and 2.2.3...

CVSS 4.8, AI score 4.8, EPSS 0.02475
Exploits: 1, References: 7, Affected Software: 1
CVE
added 2019/10/31 7:5 p.m., 83 views

CVE-2013-1934

The CVE-2013-1934 issue affects MantisBT 1.2.0rc1 and earlier, where the configuration report page adm_config_report.php allows remote authenticated users to inject arbitrary script/HTML via a complex value, enabling cross-site scripting. Root cause: insufficient input sanitization on the adm_con...

CVSS 5.4, AI score 4.9, EPSS 0.00347
Exploits: 0, References: 5, Affected Software: 1
CVE
added 2019/10/31 7:5 p.m., 64 views

CVE-2013-1932

CVE-2013-1932 affects MantisBT 1.2.13. The OpenVAS entries and NVD description confirm a cross-site scripting (XSS) vulnerability in the configuration report page (adm_config_report.php) that allows remote authenticated users to inject arbitrary script/HTML via the project name. The Nessus NASL i...

CVSS 5.4, AI score 4.9, EPSS 0.00691
Exploits: 0, References: 5, Affected Software: 1
Tenable Nessus
added 2017/04/10 12:0 a.m., 13 views

MantisBT 1.3.x < 1.3.8 / 2.1.x < 2.1.2 / 2.2.x < 2.2.2 XSS

Binary data 700051.prm...

CVSS 4.8, AI score 7.3, EPSS 0.00624
Exploits: 1, References: 3
UbuntuCve
added 2014/11/24 3:59 p.m., 25 views

CVE-2014-8986

Cross-site scripting (XSS) vulnerability in the selection list in the filters in the Configuration Report page (adm_config_report.php) in MantisBT 1.2.13 through 1.2.17 allows remote administrators to inject arbitrary web script or HTML via a crafted config option, a different vulnerability than...

CVSS 3.5, AI score 5.9, EPSS 0.00532
Exploits: 0, References: 2
CVE
added 2014/11/24 3:0 p.m., 59 views

CVE-2014-8986

CVE-2014-8986 is a documented XSS vulnerability in MantisBT 1.2.13–1.2.17. The flaw resides in the Configuration Report page (adm_config_report.php) where the selection/filters of the Configuration Report can be exploited via the config_option parameter to inject arbitrary script/HTML. The connec...

CVSS 3.5, AI score 5.2, EPSS 0.00532
Exploits: 0, References: 7, Affected Software: 1
CVE
added 2014/03/05 3:0 p.m., 61 views

CVE-2014-2238

CVE-2014-2238 is a SQL injection vulnerability in MantisBT’s admin_config_report.php used by versions 1.2.13 through 1.2.16. The issue arises in the handling of the filter_config_id parameter, enabling a remote authenticated administrator to execute arbitrary SQL commands. Multiple connected sour...

CVSS 6.5, AI score 6.5, EPSS 0.45353
Exploits: 8, References: 6, Affected Software: 1
Tenable Nessus
added 2013/04/15 12:0 a.m., 38 views

MantisBT 1.2.x < 1.2.14 adm_config_report.php Multiple Parameter XSS

According to its version number, the MantisBT install hosted on the remote web server is affected by multiple cross-site scripting vulnerabilities:
- A flaw exists on the Configuration Report page in the 'adm_config_report.php' script. (CVE-2013-1932)
- A flaw exists because the application fails...

CVSS 5.4, AI score 5.8, EPSS 0.00691
Exploits: 0, References: 4