CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

11 matches found

NVD•added 2014/12/17 7:59 p.m.•14 views

CVE-2014-9388

bugreport.php in MantisBT before 1.2.18 allows remote attackers to assign arbitrary issues via the handlerid parameter...

5CVSS5.6AI score0.00434EPSS

Exploits0References5

Prion•added 2014/12/17 7:59 p.m.•16 views

Code injection

bugreport.php in MantisBT before 1.2.18 allows remote attackers to assign arbitrary issues via the handlerid parameter...

5CVSS7.2AI score0.00434EPSS

Exploits0References5Affected Software1

UbuntuCve•added 2014/12/17 7:59 p.m.•25 views

CVE-2014-9388

bugreport.php in MantisBT before 1.2.18 allows remote attackers to assign arbitrary issues via the handlerid parameter...

5CVSS5.9AI score0.00434EPSS

Exploits0References4

CVE•added 2014/12/17 7:0 p.m.•48 views

CVE-2014-9388

CVE-2014-9388 affects MantisBT prior to 1.2.18, where bug_report.php can allow remote attackers to assign arbitrary issues via the handler_id parameter. This is a behavioral flaw in the issue assignment flow, enabling potential misrouting or manipulation of issues without authentication beyond th...

5CVSS5.5AI score0.00434EPSS

Exploits0References5Affected Software1

Cvelist•added 2014/12/17 7:0 p.m.•23 views

CVE-2014-9388

bugreport.php in MantisBT before 1.2.18 allows remote attackers to assign arbitrary issues via the handlerid parameter...

5.5AI score0.00434EPSS

Exploits0References5

Tenable Nessus•added 2008/03/07 12:0 a.m.•22 views

GLSA-200803-04 : Mantis: XSS

The remote host is affected by the vulnerability described in GLSA-200803-04 Mantis: XSS seiji reported that the filename for the uploaded file in bugreport.php is not properly sanitised before being stored. Impact : A remote attacker could upload a file with a specially crafted to a bug report,...

4.3CVSS5.9AI score0.00812EPSS

Exploits0References2

Prion•added 2008/01/03 10:46 p.m.•17 views

Cross site scripting

Cross-site scripting XSS vulnerability in view.php in Mantis before 1.1.0 allows remote attackers to inject arbitrary web script or HTML via a filename, related to bugreport.php...

4.3CVSS5.7AI score0.00812EPSS

Exploits0References13Affected Software1

NVD•added 2008/01/03 10:46 p.m.•7 views

CVE-2007-6611

Cross-site scripting XSS vulnerability in view.php in Mantis before 1.1.0 allows remote attackers to inject arbitrary web script or HTML via a filename, related to bugreport.php...

4.3CVSS5.5AI score0.00812EPSS

Exploits0References13

Cvelist•added 2008/01/03 10:0 p.m.•15 views

CVE-2007-6611

Cross-site scripting XSS vulnerability in view.php in Mantis before 1.1.0 allows remote attackers to inject arbitrary web script or HTML via a filename, related to bugreport.php...

5.3AI score0.00812EPSS

Exploits0References13

CVE•added 2008/01/03 10:0 p.m.•48 views

CVE-2007-6611

CVE-2007-6611 affects MantisBT prior to 1.1.0. The vulnerability is an XSS in view.php via the uploaded filename in bug_report.php, exploitable by authenticated users to inject arbitrary HTML/JS in the browser. Affected product: MantisBT; root cause: insufficient sanitization of the uploaded file...

4.3CVSS5.3AI score0.00812EPSS

Exploits0References13Affected Software1

CVE•added 2005/05/14 4:0 a.m.•35 views

CVE-2005-1581

Vulnerability summary: CVE-2005-1581 describes a cross-site scripting (XSS) flaw in Bug Report 1.0. User input from various fields to bug_report.php is not filtered or quoted when processed by bug_list.php or admin/index.php, allowing remote attackers to inject arbitrary web script or HTML. What’...

4.3CVSS6AI score0.00297EPSS

Exploits0References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by