MantisBT 漏洞列表
共找到 8 个与 MantisBT 相关的漏洞
📅 加载漏洞趋势中...
-
CVE-2017-7615: MantisBT <=2.30 - Arbitrary Password Reset/Admin Access POC
MantisBT through 2.3.0 allows arbitrary password reset and unauthenticated admin access via an empty confirm_hash value to verify.php. -
CVE-2022-28508: MantisBT < 2.25.2 - Cross-Site Scripting POC
MantisBT before 2.25.2 contains a cross-site scripting vulnerability in browser_search_plugin.php. The application does not properly sanitize the 'type' parameter, which allows attackers to inject arbitrary web script or HTML via a crafted URL. -
CVE-2017-7615: MantisBT <=2.30 - Arbitrary Password Reset/Admin Access POC
MantisBT through 2.3.0 allows arbitrary password reset and unauthenticated admin access via an empty confirm_hash value to verify.php. -
CVE-2022-28508: MantisBT < 2.25.2 - Cross-Site Scripting POC
MantisBT before 2.25.2 contains a cross-site scripting vulnerability in browser_search_plugin.php. The application does not properly sanitize the 'type' parameter, which allows attackers to inject arbitrary web script or HTML via a crafted URL. -
mantisbt-anonymous-login: mantisbt - Anonymous Login POC
mantisbt Anonymous login were discovered. -
mantisbt-default-credential: MantisBT Default Admin Login POC
A MantisBT default admin login was discovered. -
mantisbt-installer: MantisBT Installation Exposure POC
MantisBT is susceptible to the Installation page exposure due to misconfiguration. -
MantisBT-2.24.3-SQL注入(CVE-2020-28413) 无POC
MantisBT是一个bug管理系统系统,该系统存在sql注入漏洞