Lucene search
K

414 matches found

0day.today
0day.today
added 2008/10/16 12:0 a.m.51 views

Mantis Bug Tracker <= 1.1.3 Remote Code Execution Exploit

Exploit for unknown platform in category web applications ========================================================= Mantis Bug Tracker = 1.1.3 Remote Code Execution Exploit ========================================================= ?php /...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2008/10/16 12:0 a.m.72 views

Mantis Bug Tracker 1.1.3 - Remote Code Execution

?php / -------------------------------------------------------------------------------- Mantis Bug Tracker = 1.1.3 manageprojpage.php Remote Code Execution Exploit -------------------------------------------------------------------------------- author...: EgiX mail.....: n0b0d13satgmaildotcom...

7.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2008/07/23 12:0 a.m.11 views

Mantis < 1.1.2 account_prefs_update.php language Parameter Traversal Local File Inclusion

Binary data 4605.prm...

7.5CVSS7.3AI score0.02255EPSS
Exploits1References2
seebug.org
seebug.org
added 2008/05/21 12:0 a.m.25 views

Mantis Bug Tracker 1.1.1 (CE/XSS/CSRF) Multiple Vulnerabilities

No description provided by source. Mantis Bug Tracker 1.1.1 Multiple Vulnerabilities Name Multiple Vulnerabilities in Mantis Systems Affected Mantis 1.1.1 and possibly earlier versions Severity High Impact CVSSv2 High 9/10, vector: AV:N/AC:L/Au:N/C:C/I:P/A:P Vendor http://www.mantisbt.org/ Adviso...

6.8CVSS6.5AI score0.03088EPSS
Exploits6
0day.today
0day.today
added 2008/05/20 12:0 a.m.39 views

Mantis Bug Tracker 1.1.1 (CE/XSS/CSRF) Multiple Vulnerabilities

Exploit for unknown platform in category web applications =============================================================== Mantis Bug Tracker 1.1.1 CE/XSS/CSRF Multiple Vulnerabilities =============================================================== Mantis Bug Tracker 1.1.1 Multiple Vulnerabilities...

7.1AI score0.03088EPSS
Exploits6
Exploit DB
Exploit DB
added 2008/05/20 12:0 a.m.35 views

Mantis Bug Tracker 1.1.1 - Code Execution / Cross-Site Scripting / Cross-Site Request Forgery

Mantis Bug Tracker 1.1.1 Multiple Vulnerabilities Name Multiple Vulnerabilities in Mantis Systems Affected Mantis 1.1.1 and possibly earlier versions Severity High Impact CVSSv2 High 9/10, vector: AV:N/AC:L/Au:N/C:C/I:P/A:P Vendor http://www.mantisbt.org/ Advisory...

6.8CVSS6.4AI score0.03088EPSS
Exploits6
exploitpack
exploitpack
added 2008/05/20 12:0 a.m.29 views

Mantis Bug Tracker 1.1.1 - Code Execution Cross-Site Scripting Cross-Site Request Forgery

Mantis Bug Tracker 1.1.1 - Code Execution Cross-Site Scripting Cross-Site Request Forgery Mantis Bug Tracker 1.1.1 Multiple Vulnerabilities Name Multiple Vulnerabilities in Mantis Systems Affected Mantis 1.1.1 and possibly earlier versions Severity High Impact CVSSv2 High 9/10, vector:...

6.8CVSS0.6AI score0.03088EPSS
Exploits6
Tenable Nessus
Tenable Nessus
added 2008/05/15 12:0 a.m.69 views

Mantis manage_user_create.php CSRF New User Creation

The version of Mantis Bug Tracker installed on the remote host does not verify the validity of HTTP requests before performing various administrative actions. If a remote attacker can trick a logged-in administrator into viewing a specially crafted page, the vulnerability could be leveraged to...

6.8CVSS6.2AI score0.03088EPSS
Exploits6References5
Packet Storm
Packet Storm
added 2008/02/14 12:0 a.m.17 views

unleashed-xss.txt

Hello all, There is a bug in "Log" function of Search Unleashed by John Godley, version 0.2.10. This plug-in stores search queries but does not validates stored data and put them back "raw" to browser. HTML and Java Script can be injected with search request:...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2008/02/06 12:0 a.m.46 views

[Full-disclosure] The Everything Development System - SQL Injection

Application: The Everything Development System Versions: = Pre-1.0 current version at time of release Author: sub [email protected] Released: 2/1/2008 There exists a vulnerability in The Everything Development Engine that allows a user to inject their own SQL to modify a SELECT query, leading to...

0.7AI score
Exploits0
securityvulns
securityvulns
added 2008/02/03 12:0 a.m.75 views

The Everything Development System - SQL Injection

Application: The Everything Development System Versions: = Pre-1.0 current version at time of release Author: sub [email protected] Released: 2/1/2008 There exists a vulnerability in The Everything Development Engine that allows a user to inject their own SQL to modify a SELECT query, leading to...

0.7AI score
Exploits0
seebug.org
seebug.org
added 2008/02/02 12:0 a.m.17 views

The Everything Development System &lt;= Pre-1.0 SQL Injection Vuln

No description provided by source. Application: The Everything Development System Versions: = Pre-1.0 current version at time of release Author: sub [email protected] Released: 2/1/2008 There exists a vulnerability in The Everything Development Engine that allows a user to inject their own SQL to...

7.1AI score
Exploits0
0day.today
0day.today
added 2008/02/02 12:0 a.m.26 views

The Everything Development System <= Pre-1.0 SQL Injection Vuln

Exploit for unknown platform in category web applications =============================================================== The Everything Development System = Pre-1.0 SQL Injection Vuln =============================================================== Application: The Everything Development System...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2008/02/02 12:0 a.m.55 views

The Everything Development System Pre-1.0 - SQL Injection

Application: The Everything Development System Versions: Released: 2/1/2008 There exists a vulnerability in The Everything Development Engine that allows a user to inject their own SQL to modify a SELECT query, leading to information disclosure, XSS, or privilege escalation. What's more, password...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2008/02/02 12:0 a.m.7 views

The Everything Development System Pre-1.0 - SQL Injection

The Everything Development System Pre-1.0 - SQL Injection Application: The Everything Development System Versions: Released: 2/1/2008 There exists a vulnerability in The Everything Development Engine that allows a user to inject their own SQL to modify a SELECT query, leading to information...

0.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2007/12/27 12:0 a.m.15 views

Mantis < 0.9.5 / 1.1.0 RC5 view.php HTML Injection

Binary data 4326.prm...

4.3CVSS7.3AI score0.01745EPSS
Exploits0References3
exploitpack
exploitpack
added 2007/12/05 12:0 a.m.16 views

Joomla! Component com_search 1.5 RC3 - index.php Multiple SQL Injections

Joomla! Component comsearch 1.5 RC3 - index.php Multiple SQL Injections source: https://www.securityfocus.com/bid/26707/info Joomla! is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these...

0.4AI score
Exploits0
securityvulns
securityvulns
added 2006/08/08 12:0 a.m.36 views

php local buffer underflow could lead to arbitary code execution

Affected versions: php 5.1.4 and older, 4.4.3 and possibly older Cause: when php-s sscanf functions format argument contains argument swap and extra arguments are given like. sscanf'foo ','$1s',$bar then it reads an pointer to pointer to zval structure past the end of argument array by one. Php...

0.4AI score
Exploits0
exploitpack
exploitpack
added 2006/02/15 12:0 a.m.15 views

Mantis Bug Tracker 0.x1.0 - manage_user_page.php?sort Cross-Site Scripting

Mantis Bug Tracker 0.x1.0 - manageuserpage.php?sort Cross-Site Scripting source: https://www.securityfocus.com/bid/16657/info Mantis is prone to multiple input-validation vulnerabilities. The issues include cross-site scripting and SQL-injection vulnerabilities. These issues are due to a failure ...

6.8AI score
Exploits0
Exploit DB
Exploit DB
added 2006/02/15 12:0 a.m.26 views

Mantis Bug Tracker 0.x/1.0 - &#039;manage_user_page.php?sort&#039; Cross-Site Scripting

source: https://www.securityfocus.com/bid/16657/info Mantis is prone to multiple input-validation vulnerabilities. The issues include cross-site scripting and SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. Successful...

7AI score
Exploits0
Rows per page
Query Builder