7 matches found
EUVD-2006-0672
Malware in sbrugna...
Mantis 0.x/1.0 view_all_set.php Multiple Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/16657/info Mantis is prone to multiple input-validation vulnerabilities. The issues include cross-site scripting and SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize...
CVE-2005-4238
Mantis (web-based bug tracker) contains an XSS flaw in view_filters_page.php where the target_field input is not properly sanitised, enabling remote attackers to inject arbitrary script/HTML. Affected: Mantis 1.0.0rc3 and earlier. Root cause: insufficient input sanitisation leading to reflected/s...
Mantis weak permissions
No description provided...
CVE-2002-1112
Mantis before 0.17.4 allows remote attackers to list project bugs without authentication by modifying the cookie that is used by the "View Bugs" page...
CVE-2002-1110
Multiple SQL injection vulnerabilities in Mantis 0.17.2 and earlier, when running without magic_quotes_gpc enabled, allows remote attackers to gain privileges or perform unauthorized database operations via modified form fields, e.g. to account_update.php...
[Mantis Advisory/2002-02] Limiting output to reporters can be bypassed
Mantis Advisory/2002-02 Limiting output to reporters can be bypassed 0. Table of Contents 1. Introduction 2. Summary / Impact analysis 3. Affected versions 4. Workaround / Solution 5. Detailed explanation 6. Contact details 1. Introduction Mantis is an Open Source web-based bugtracking system,...