6 matches found
Fedora Update for mantis FEDORA-2008-8925
The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
GLSA-200812-07 : Mantis: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-200812-07 Mantis: Multiple vulnerabilities Multiple issues have been reported in Mantis: EgiX reported that manageprojpage.php does not correctly sanitize the sort parameter before passing it to createfunction in core/utilityapi.p...
Fedora 9 : mantis-1.1.4-1.fc9 (2008-8925)
This releases fixes CVE-2008-3102 and a bunch of other issues. For the full changelog, please check: http://www.mantisbt.org/bugs/changelogpage.php Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to...
Fedora 8 : mantis-1.1.4-1.fc8 (2008-9015)
This releases fixes CVE-2008-3102 and a bunch of other issues. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional...
CVE-2008-3102
CVE-2008-3102 affects MantisBT: vulnerable in Mantis 1.1.x (up to 1.1.2) and 1.2.x (up to 1.2.0a2). Root cause: the session cookie is not marked Secure in HTTPS sessions, enabling potential cookie leakage. Impact stated in sources includes session hijacking through captured cookies; other CVEs in...
menalto gallery: Session hijacking vulnerability, CVE-2008-3102
menalto gallery: Session hijacking vulnerability, CVE-2008-3102 References https://vulners.com/cve/CVE-2008-3102 http://int21.de/cve/CVE-2008-3102-mantis.html http://www.mantisbt.org/bugs/view.php?id=9524 http://www.mantisbt.org/bugs/view.php?id=9533...