Lucene search
K

17 matches found

OpenVAS
OpenVAS
added 2015/08/08 12:0 a.m.27 views

Fedora Update for mantis FEDORA-2015-12010

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS5.7AI score0.50561EPSS
Exploits13References2
OpenVAS
OpenVAS
added 2015/02/07 12:0 a.m.41 views

Fedora Update for mantis FEDORA-2015-1419

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS5.8AI score0.50561EPSS
Exploits13References2
Tenable Nessus
Tenable Nessus
added 2015/01/22 12:0 a.m.70 views

MantisBT 1.2.x < 1.2.18 Multiple Vulnerabilities

According to its version number, the MantisBT application hosted on the remote web server is 1.2.x prior to 1.2.18. It is, therefore, affected by the following vulnerabilities : - Multiple input-validation errors exist that could allow cross-site scripting attacks. CVE-2014-7146, CVE-2014-8986,...

7.5CVSS5.6AI score0.50561EPSS
Exploits15References20
Tenable Nessus
Tenable Nessus
added 2015/01/08 12:0 a.m.45 views

Debian DSA-3120-1 : mantis - security update

Multiple security issues have been found in the Mantis bug tracking system, which may result in phishing, information disclosure, CAPTCHA bypass, SQL injection, cross-site scripting or the execution of arbitrary PHP code. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text a...

7.5CVSS5.3AI score0.50561EPSS
Exploits16References23
OpenVAS
OpenVAS
added 2015/01/06 12:0 a.m.66 views

Debian Security Advisory DSA 3120-1 (mantis - security update)

Multiple security issues have been found in the Mantis bug tracking system, which may result in phishing, information disclosure, CAPTCHA bypass, SQL injection, cross-site scripting or the execution of arbitrary PHP code. OpenVAS Vulnerability Test $Id: deb3120.nasl 6609 2017-07-07 12:05:59Z...

7.5CVSS0.7AI score0.50561EPSS
Exploits16References1
OpenVAS
OpenVAS
added 2015/01/05 12:0 a.m.35 views

Fedora Update for mantis FEDORA-2014-15142

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS5.7AI score0.50561EPSS
Exploits10References2
OpenVAS
OpenVAS
added 2014/12/21 12:0 a.m.34 views

Fedora Update for mantis FEDORA-2014-16546

Check the version of mantis SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.868626";...

7.5CVSS6.2AI score0.50561EPSS
Exploits22References2
OpenVAS
OpenVAS
added 2014/12/21 12:0 a.m.32 views

Fedora Update for mantis FEDORA-2014-16504

Check the version of mantis SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.868624";...

7.5CVSS5.9AI score0.50561EPSS
Exploits23References2
Tenable Nessus
Tenable Nessus
added 2014/12/15 12:0 a.m.45 views

Fedora 21 : mantis-1.2.17-4.fc21 (2014-15142)

fix CVE-2014-7146, CVE-2014-8598 1162046 fix CVE-2014-8554 1159295 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing...

7.5CVSS5.6AI score0.50561EPSS
Exploits10References7
Tenable Nessus
Tenable Nessus
added 2014/12/15 12:0 a.m.49 views

Fedora 19 : mantis-1.2.17-4.fc19 (2014-15079)

fix CVE-2014-7146, CVE-2014-8598 1162046 fix CVE-2014-8554 1159295 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing...

7.5CVSS5.6AI score0.50561EPSS
Exploits10References7
Tenable Nessus
Tenable Nessus
added 2014/12/15 12:0 a.m.39 views

Fedora 20 : mantis-1.2.17-4.fc20 (2014-15108)

fix CVE-2014-7146, CVE-2014-8598 1162046 fix CVE-2014-8554 1159295 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing...

7.5CVSS5.6AI score0.50561EPSS
Exploits10References7
OpenVAS
OpenVAS
added 2014/12/12 12:0 a.m.55 views

Fedora Update for mantis FEDORA-2014-15079

Check the version of mantis SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.868569";...

7.5CVSS5.7AI score0.50561EPSS
Exploits20References2
NVD
NVD
added 2014/11/18 3:59 p.m.26 views

CVE-2014-8598

The XML Import/Export plugin in MantisBT 1.2.x does not restrict access, which allows remote attackers to 1 upload arbitrary XML files via the import page or 2 obtain sensitive information via the export page. NOTE: this issue can be combined with CVE-2014-7146 to execute arbitrary PHP code...

6.4CVSS6AI score0.38463EPSS
Exploits2References7
Cvelist
Cvelist
added 2014/11/18 3:0 p.m.27 views

CVE-2014-8598

The XML Import/Export plugin in MantisBT 1.2.x does not restrict access, which allows remote attackers to 1 upload arbitrary XML files via the import page or 2 obtain sensitive information via the export page. NOTE: this issue can be combined with CVE-2014-7146 to execute arbitrary PHP code...

5.9AI score0.38463EPSS
Exploits2References7
CVE
CVE
added 2014/11/18 3:0 p.m.67 views

CVE-2014-8598

CVE-2014-8598 affects MantisBT 1.2.x via the XML Import/Export plugin, which could allow unauthorized attackers to upload arbitrary XML files or obtain sensitive information due to insufficient access restrictions. This is explicitly stated in connected documents as part of multiple vulnerabiliti...

6.4CVSS5.9AI score0.38463EPSS
Exploits2References7Affected Software1
Circl
Circl
added 2014/11/18 12:0 a.m.27 views

CVE-2014-8598

creationtimestamp| type| source ---|---|--- 2014-11-18 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/41685 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/mantisbtphpexec.rb 2025-02-06 03:13:42+00:00| seen|...

6.4CVSS4.9AI score0.38463EPSS
Exploits2References2
ArchLinux
ArchLinux
added 2014/11/12 12:0 a.m.51 views

mantisbt: arbitrary code execution and unrestricted access

CVE-2014-7146 arbitrary code execution When importing data with the plugin, user input passed through the "description" field and the "issuelink" attribute of the uploaded XML file isn't properly sanitized before being used in a call to the pregreplace function which uses the 'e' modifier. This...

7.5CVSS2.6AI score0.50561EPSS
Exploits8References7
Rows per page
Query Builder