Lucene search
K

7 matches found

Tenable Nessus
Tenable Nessus
added 2015/01/22 12:0 a.m.70 views

MantisBT 1.2.x < 1.2.18 Multiple Vulnerabilities

According to its version number, the MantisBT application hosted on the remote web server is 1.2.x prior to 1.2.18. It is, therefore, affected by the following vulnerabilities : - Multiple input-validation errors exist that could allow cross-site scripting attacks. CVE-2014-7146, CVE-2014-8986,...

7.5CVSS5.6AI score0.50561EPSS
Exploits15References20
Tenable Nessus
Tenable Nessus
added 2015/01/08 12:0 a.m.45 views

Debian DSA-3120-1 : mantis - security update

Multiple security issues have been found in the Mantis bug tracking system, which may result in phishing, information disclosure, CAPTCHA bypass, SQL injection, cross-site scripting or the execution of arbitrary PHP code. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text a...

7.5CVSS5.3AI score0.50561EPSS
Exploits16References23
OpenVAS
OpenVAS
added 2015/01/06 12:0 a.m.66 views

Debian Security Advisory DSA 3120-1 (mantis - security update)

Multiple security issues have been found in the Mantis bug tracking system, which may result in phishing, information disclosure, CAPTCHA bypass, SQL injection, cross-site scripting or the execution of arbitrary PHP code. OpenVAS Vulnerability Test $Id: deb3120.nasl 6609 2017-07-07 12:05:59Z...

7.5CVSS0.7AI score0.50561EPSS
Exploits16References1
OpenVAS
OpenVAS
added 2014/12/21 12:0 a.m.34 views

Fedora Update for mantis FEDORA-2014-16546

Check the version of mantis SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.868626";...

7.5CVSS6.2AI score0.50561EPSS
Exploits22References2
OpenVAS
OpenVAS
added 2014/12/21 12:0 a.m.32 views

Fedora Update for mantis FEDORA-2014-16504

Check the version of mantis SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.868624";...

7.5CVSS5.9AI score0.50561EPSS
Exploits23References2
UbuntuCve
UbuntuCve
added 2014/11/24 3:59 p.m.28 views

CVE-2014-8986

Cross-site scripting XSS vulnerability in the selection list in the filters in the Configuration Report page admconfigreport.php in MantisBT 1.2.13 through 1.2.17 allows remote administrators to inject arbitrary web script or HTML via a crafted config option, a different vulnerability than...

3.5CVSS5.9AI score0.0123EPSS
Exploits0References2
CVE
CVE
added 2014/11/24 3:0 p.m.65 views

CVE-2014-8986

CVE-2014-8986 is a documented XSS vulnerability in MantisBT 1.2.13–1.2.17. The flaw resides in the Configuration Report page (adm_config_report.php) where the selection/filters of the Configuration Report can be exploited via the config_option parameter to inject arbitrary script/HTML. The connec...

3.5CVSS5.2AI score0.0123EPSS
Exploits0References7Affected Software1
Rows per page
Query Builder