Vendor Dictionary: Mantis

Mantis

Short Name:	Mantis
Previous Names:	[None Entered]
URL:	http://www.mantisbt.org/ [visit link]
Email:	kenito300baud.org
Security URL:	[None Entered]
Security Email:	[None Entered]
Knowledge Base:	[None Entered]
Notes:	[No Notes]
Full Details...

Vulnerabilities by Vendor Product

Mantis

Mantis

Mantis: 0.15.x; OSVDB ID: 4858 Mantis Arbitrary PHP File Inclusion; 0.16.x; OSVDB ID: 4858 Mantis Arbitrary PHP File Inclusion; 0.17.0; OSVDB ID: 4858 Mantis Arbitrary PHP File Inclusion; 0.17.1; OSVDB ID: 4858 Mantis Arbitrary PHP File Inclusion; OSVDB ID: 6215 Mantis Configuration File Cleartext Password Disclosure; 0.17.2; OSVDB ID: 4858 Mantis Arbitrary PHP File Inclusion; 0.17.3; OSVDB ID: 4858 Mantis Arbitrary PHP File Inclusion; 0.18.3; OSVDB ID: 9086 Mantis login_page.php return Parameter XSS; OSVDB ID: 9087 Mantis signup.php Email Address Field XSS; OSVDB ID: 9088 Mantis login_select_proj_page.php onclick Parameter XSS; OSVDB ID: 9089 Mantis view_all_set.php hide_status Parameter XSS; OSVDB ID: 9090 Mantis signup_page.php Arbitrary Mail Relay; OSVDB ID: 9091 Mantis bug_api.php t_core_path Arbitrary PHP Injection; OSVDB ID: 9092 Mantis relationship_api.php t_core_dir Arbitrary PHP Injection; OSVDB ID: 9094 Mantis Unspecified XSS; OSVDB ID: 9093 Mantis Real Name Field HTML Injection; 0.19.0a1; OSVDB ID: 9097 Mantis Signup Invalid Username DoS; OSVDB ID: 9094 Mantis Unspecified XSS; OSVDB ID: 9093 Mantis Real Name Field HTML Injection; 0.18.2; OSVDB ID: 9096 Mantis Authenticated User Arbitrary File Access; OSVDB ID: 9095 Mantis Unspecified SQL Injection; 1.0.0rc3; OSVDB ID: 22051 Mantis manage_user_page.php Multiple Parameter SQL Injection; OSVDB ID: 22052 Mantis view_all_set.php sort Parameter SQL Injection; OSVDB ID: 22053 Mantis view_filters_page.php Multiple Parameter XSS; OSVDB ID: 22056 Mantis File Size Upload Restriction Bypass DoS; OSVDB ID: 23248 Mantis view_all_set.php Multiple Parameter XSS; 0.19.3; OSVDB ID: 22053 Mantis view_filters_page.php Multiple Parameter XSS; OSVDB ID: 22056 Mantis File Size Upload Restriction Bypass DoS; 0.19.4; OSVDB ID: 22290 ADOdb server.php sql Parameter SQL Injection; OSVDB ID: 22291 ADOdb tmssql.php do Variable Arbitrary PHP Function Execution; 1.0.0rc4; OSVDB ID: 22290 ADOdb server.php sql Parameter SQL Injection; OSVDB ID: 22291 ADOdb tmssql.php do Variable Arbitrary PHP Function Execution; OSVDB ID: 22489 Mantis Saved Queries Unspecified XSS; OSVDB ID: 22487 Mantis manage_user_page.php sort Parameter XSS; OSVDB ID: 22488 Mantis Project Documents Port Unspecified XSS; OSVDB ID: 22053 Mantis view_filters_page.php Multiple Parameter XSS; OSVDB ID: 23248 Mantis view_all_set.php Multiple Parameter XSS; 1.0.0rc2; OSVDB ID: 23248 Mantis view_all_set.php Multiple Parameter XSS; 1.0.0rc1; OSVDB ID: 23248 Mantis view_all_set.php Multiple Parameter XSS; 1.0.1; OSVDB ID: 24292 Mantis view_all_set.php Multiple Parameter XSS; 1.1.8; OSVDB ID: 60091 Mantis view_filters_page.php target_field Parameter XSS

The database information may change without any notice. Use of the information constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the copyright holder or distributor (OSVDB or OSF) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.