Lucene search
K

22 matches found

OpenVAS
OpenVAS
added 2015/08/08 12:0 a.m.27 views

Fedora Update for mantis FEDORA-2015-12010

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS5.7AI score0.50561EPSS
Exploits13References2
OpenVAS
OpenVAS
added 2015/02/07 12:0 a.m.41 views

Fedora Update for mantis FEDORA-2015-1419

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS5.8AI score0.50561EPSS
Exploits13References2
Tenable Nessus
Tenable Nessus
added 2015/01/22 12:0 a.m.70 views

MantisBT 1.2.x < 1.2.18 Multiple Vulnerabilities

According to its version number, the MantisBT application hosted on the remote web server is 1.2.x prior to 1.2.18. It is, therefore, affected by the following vulnerabilities : - Multiple input-validation errors exist that could allow cross-site scripting attacks. CVE-2014-7146, CVE-2014-8986,...

7.5CVSS5.6AI score0.50561EPSS
Exploits15References20
Tenable Nessus
Tenable Nessus
added 2015/01/08 12:0 a.m.45 views

Debian DSA-3120-1 : mantis - security update

Multiple security issues have been found in the Mantis bug tracking system, which may result in phishing, information disclosure, CAPTCHA bypass, SQL injection, cross-site scripting or the execution of arbitrary PHP code. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text a...

7.5CVSS5.3AI score0.50561EPSS
Exploits16References23
OpenVAS
OpenVAS
added 2015/01/06 12:0 a.m.65 views

Debian Security Advisory DSA 3120-1 (mantis - security update)

Multiple security issues have been found in the Mantis bug tracking system, which may result in phishing, information disclosure, CAPTCHA bypass, SQL injection, cross-site scripting or the execution of arbitrary PHP code. OpenVAS Vulnerability Test $Id: deb3120.nasl 6609 2017-07-07 12:05:59Z...

7.5CVSS0.7AI score0.50561EPSS
Exploits16References1
OpenVAS
OpenVAS
added 2015/01/05 12:0 a.m.35 views

Fedora Update for mantis FEDORA-2014-15142

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS5.7AI score0.50561EPSS
Exploits10References2
securityvulns
securityvulns
added 2015/01/02 12:0 a.m.167 views

[KIS-2014-18] Mantis Bug Tracker &lt;= 1.2.17 &#40;ImportXml.php&#41; PHP Code Injection Vulnerability

----------------------------------------------------------------------------- Mantis Bug Tracker = 1.2.17 ImportXml.php PHP Code Injection Vulnerability ----------------------------------------------------------------------------- - Software Link: http://www.mantisbt.org/ - Affected Versions: All...

7.5CVSS0.3AI score0.50561EPSS
Exploits8
0day.today
0day.today
added 2015/01/01 12:0 a.m.176 views

Mantis Bug Tracker 1.2.17 PHP Code Injection Vulnerability

Mantis Bug Tracker versions 1.2.0 through 1.2.17 suffer from a PHP code injection vulnerability. ----------------------------------------------------------------------------- Mantis Bug Tracker $newId 108. $bugData = bugget $newId, true ; 109. 110. $bugLinkRegexp = '/^|^\w' . pregquote...

7.5CVSS0.3AI score0.50561EPSS
Exploits8
Packet Storm
Packet Storm
added 2014/12/31 12:0 a.m.61 views

Mantis Bug Tracker 1.2.17 PHP Code Injection

----------------------------------------------------------------------------- Mantis Bug Tracker $newId 108. $bugData = bugget $newId, true ; 109. 110. $bugLinkRegexp = '/^|^\w' . pregquote $this-source-issuelink, '/' . '\d+\b/e'; 111. $replacement = '"\1" . $this-getReplacementString "\2", "\3"...

7.5CVSS0.2AI score0.50561EPSS
Exploits8
OpenVAS
OpenVAS
added 2014/12/21 12:0 a.m.32 views

Fedora Update for mantis FEDORA-2014-16504

Check the version of mantis SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.868624";...

7.5CVSS5.9AI score0.50561EPSS
Exploits23References2
OpenVAS
OpenVAS
added 2014/12/21 12:0 a.m.34 views

Fedora Update for mantis FEDORA-2014-16546

Check the version of mantis SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.868626";...

7.5CVSS6.2AI score0.50561EPSS
Exploits22References2
Tenable Nessus
Tenable Nessus
added 2014/12/15 12:0 a.m.45 views

Fedora 21 : mantis-1.2.17-4.fc21 (2014-15142)

fix CVE-2014-7146, CVE-2014-8598 1162046 fix CVE-2014-8554 1159295 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing...

7.5CVSS5.6AI score0.50561EPSS
Exploits10References7
Tenable Nessus
Tenable Nessus
added 2014/12/15 12:0 a.m.49 views

Fedora 19 : mantis-1.2.17-4.fc19 (2014-15079)

fix CVE-2014-7146, CVE-2014-8598 1162046 fix CVE-2014-8554 1159295 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing...

7.5CVSS5.6AI score0.50561EPSS
Exploits10References7
Tenable Nessus
Tenable Nessus
added 2014/12/15 12:0 a.m.39 views

Fedora 20 : mantis-1.2.17-4.fc20 (2014-15108)

fix CVE-2014-7146, CVE-2014-8598 1162046 fix CVE-2014-8554 1159295 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing...

7.5CVSS5.6AI score0.50561EPSS
Exploits10References7
OpenVAS
OpenVAS
added 2014/12/12 12:0 a.m.55 views

Fedora Update for mantis FEDORA-2014-15079

Check the version of mantis SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.868569";...

7.5CVSS5.7AI score0.50561EPSS
Exploits20References2
NVD
NVD
added 2014/11/18 3:59 p.m.25 views

CVE-2014-8598

The XML Import/Export plugin in MantisBT 1.2.x does not restrict access, which allows remote attackers to 1 upload arbitrary XML files via the import page or 2 obtain sensitive information via the export page. NOTE: this issue can be combined with CVE-2014-7146 to execute arbitrary PHP code...

6.4CVSS6AI score0.38463EPSS
Exploits2References7
NVD
NVD
added 2014/11/18 3:59 p.m.21 views

CVE-2014-7146

The XmlImportExport plugin in MantisBT 1.2.17 and earlier allows remote attackers to execute arbitrary PHP code via a crafted 1 description field or 2 issuelink attribute in an XML file, which is not properly handled when executing the pregreplace function with the e modifier...

7.5CVSS6AI score0.50561EPSS
Exploits8References8
Prion
Prion
added 2014/11/18 3:59 p.m.30 views

Code injection

The XML Import/Export plugin in MantisBT 1.2.x does not restrict access, which allows remote attackers to 1 upload arbitrary XML files via the import page or 2 obtain sensitive information via the export page. NOTE: this issue can be combined with CVE-2014-7146 to execute arbitrary PHP code...

6.4CVSS7.5AI score0.50561EPSS
Exploits8References7Affected Software1
CVE
CVE
added 2014/11/18 3:0 p.m.83 views

CVE-2014-7146

CVE-2014-7146 affects MantisBT

7.5CVSS5.9AI score0.50561EPSS
Exploits8References8Affected Software1
Circl
Circl
added 2014/11/18 12:0 a.m.15 views

CVE-2014-7146

creationtimestamp| type| source ---|---|--- 2014-11-18 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/41685 2014-11-18 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/35283 2018-05-29 15:50:33+00:00| seen|...

7.5CVSS6AI score0.50561EPSS
Exploits8References3
Rows per page
Query Builder