Mantis

mantis

43 CVEs • 1 product

Products (1)

Click to collapse

Toggle

CVEs (43)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2002-1112 1Mantis 1Mantis Apr 16, 2026 Oct 4, 2002 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Mantis before 0.17.4 allows remote attackers to list project bugs without authentication by modifying the cookie that is used by the "View Bugs" page.
CVE-2002-1111 1Mantis 1Mantis Apr 16, 2026 Oct 4, 2002 N/A· v4 N/A· v3 5.0 MEDIUM· v2 print_all_bug_page.php in Mantis 0.17.3 and earlier does not verify the limit_reporters option, which allows remote attackers to view bug summaries for bugs that would otherwise be restricted.
CVE-2002-1110 1Mantis 1Mantis Apr 16, 2026 Oct 4, 2002 N/A· v4 N/A· v3 10.0 HIGH· v2 Multiple SQL injection vulnerabilities in Mantis 0.17.2 and earlier, when running without magic_quotes_gpc enabled, allows remote attackers to gain privileges or perform unauthorized database operations via modified form...Show more Multiple SQL injection vulnerabilities in Mantis 0.17.2 and earlier, when running without magic_quotes_gpc enabled, allows remote attackers to gain privileges or perform unauthorized database operations via modified form fields, e.g. to account_update.php.Show less