Mantisbt Luki w zabezpieczeniach

Oś czasu

Ostatni rok

Wersja

1.2.047
1.2.147
1.2.246
1.2.343
1.2.441

Przeciwdziałanie

Official Fix102
Temporary Fix0
Workaround0
Unavailable0
Not Defined9

Wykorzystywanie

High6
Functional1
Proof-of-Concept5
Unproven0
Not Defined99

Wektor dostępu

Not Defined0
Physical0
Local4
Adjacent5
Network102

Uwierzytelnianie

Not Defined0
High5
Low41
None65

Interakcja z użytkownikiem

Not Defined0
Required54
None57

C3BM Index

Ostatni rok

CVSSv3 Base

≤10
≤20
≤30
≤418
≤534
≤637
≤712
≤810
≤90
≤100

CVSSv3 Temp

≤10
≤20
≤30
≤423
≤538
≤633
≤715
≤82
≤90
≤100

VulDB

≤10
≤20
≤34
≤417
≤542
≤626
≤712
≤810
≤90
≤100

NVD

≤10
≤20
≤30
≤41
≤513
≤610
≤719
≤82
≤92
≤101

CNA

≤10
≤20
≤30
≤40
≤51
≤60
≤70
≤80
≤91
≤100

Sprzedawca

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Research

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Exploit 0-day

<1k44
<2k42
<5k25
<10k0
<25k0
<50k0
<100k0
≥100k0

Wykorzystaj dzisiaj

<1k111
<2k0
<5k0
<10k0
<25k0
<50k0
<100k0
≥100k0

Wykorzystaj wielkość rynku

Ostatni rok

🔴 CTI Zajęcia

Affected Versions (125): 0.18, 0.19, 0.19.0a1, 0.19.0a2, 0.19.1, 0.19.2, 0.19.3, 0.19.4, 0.19.5, 1, 1.0, 1.0.0a1, 1.0.0a2, 1.0.0a3, 1.0.1, 1.0.2, 1.0.3, 1.0.4, 1.0.5, 1.0.6, 1.0.7, 1.0.8, 1.0.9, 1.1, 1.1.1, 1.1.2, 1.1.3, 1.1.4, 1.1.5, 1.1.6, 1.1.7, 1.1.8, 1.1.9, 1.2, 1.2.0a1, 1.2.0a2, 1.2.1, 1.2.2, 1.2.3, 1.2.4, 1.2.5, 1.2.6, 1.2.7, 1.2.8, 1.2.9, 1.2.11, 1.2.12, 1.2.13, 1.2.14, 1.2.15, 1.2.16, 1.2.17, 1.2.18, 1.2.19, 1.3, 1.3.0-beta, 1.3.0-beta.1, 1.3.1, 1.3.2, 1.3.3, 1.3.4, 1.3.5, 1.3.6, 1.3.7, 1.3.8, 1.3.9, 1.3.11, 1.3.12, 1.3.13, 1.3.14, 1.3.15, 1.3.16, 1.3.17, 1.3.18, 1.3.19, 2, 2.0, 2.0.0-beta, 2.0.0-beta.1, 2.0.1, 2.1, 2.1.1, 2.1.2, 2.2, 2.2.1, 2.2.2, 2.3, 2.3.1, 2.4, 2.5, 2.5.1, 2.5.2, 2.6, 2.7, 2.8, 2.9, 2.10, 2.11, 2.12, 2.13, 2.14, 2.15, 2.16, 2.17, 2.17.1, 2.18, 2.19, 2.20, 2.21, 2.21.1, 2.21.2, 2.22, 2.23, 2.24, 2.24.1, 2.24.2, 2.24.3, 2.24.4, 2.25, 2.25.1, 2.25.2, 2.25.3, 2.25.4, 2.26, 2.257

Typ oprogramowania: Bug Tracking Software

OpublikowanoBaseTempSłaby punkt0dayDzisiajWykPrzCTICVE
2024-02-217.37.1MantisBT Notification Message config_inc.php privilege escalation$0-$5k$0-$5kNot DefinedOfficial Fix0.02CVE-2024-23830
2023-10-174.34.2MantisBT Private Project wiki.php information disclosure$0-$5k$0-$5kNot DefinedOfficial Fix0.04CVE-2023-44394
2022-06-254.44.4MantisBT SVG Document file_download.php cross site scripting$0-$5k$0-$5kNot DefinedOfficial Fix0.00CVE-2022-33910
2022-05-043.53.4MantisBT Hidden Input Field browser_search_plugin.php cross site scripting$0-$5k$0-$5kNot DefinedOfficial Fix0.00CVE-2022-28508
2022-04-156.36.0MantisBT CSV API csv_export.php Remote Code Execution$0-$5k$0-$5kNot DefinedOfficial Fix0.00CVE-2021-43257
2022-04-133.53.4MantisBT Plugin Name manage_plugin_page.php cross site scripting$0-$5kObliczenieNot DefinedOfficial Fix0.00CVE-2022-26144
2021-06-183.53.4MantisBT manage_custom_field_edit_page.php cross site scripting$0-$5k$0-$5kNot DefinedOfficial Fix0.00CVE-2021-33557
2021-03-086.86.5MantisBT weak authentication$0-$5k$0-$5kNot DefinedOfficial Fix0.00CVE-2009-20001
2021-02-225.35.3MantisBT Custom Field manage_custom_field_update.php helper_ensure_confirmed privilege escalation$0-$5k$0-$5kNot DefinedNot Defined0.00CVE-2020-35571
2021-01-294.94.7MantisBT Private Project bug_actiongroup_page.php privilege escalation$0-$5k$0-$5kNot DefinedOfficial Fix0.00CVE-2020-29605
2021-01-296.05.7MantisBT Private Project bug_actiongroup.php privilege escalation$0-$5k$0-$5kNot DefinedOfficial Fix0.00CVE-2020-29604
2021-01-294.94.7MantisBT Private Project manage_proj_edit_page.php privilege escalation$0-$5kObliczenieNot DefinedOfficial Fix0.00CVE-2020-29603
2020-12-313.53.5MantisBT bug_revision_view_page.php information disclosure$0-$5k$0-$5kNot DefinedOfficial Fix0.02CVE-2020-35849
2020-12-315.04.7MantisBT API SOAP mc_project_get_users sql injection$0-$5k$0-$5kProof-of-ConceptNot Defined0.00CVE-2020-28413
2020-09-305.14.9MantisBT bug_actiongroup_page.php cross site scripting$0-$5k$0-$5kNot DefinedOfficial Fix0.00CVE-2020-25830
2020-09-303.83.6MantisBT file_download.php information disclosure$0-$5k$0-$5kNot DefinedOfficial Fix0.00CVE-2020-25781
2020-09-305.14.9MantisBT Project privilege escalation$0-$5k$0-$5kNot DefinedOfficial Fix0.00CVE-2020-25288
2020-08-124.84.6MantisBT view_all_bug_page.php cross site scripting$0-$5k$0-$5kNot DefinedOfficial Fix0.00CVE-2020-16266
2020-03-195.24.6MantisBT Project Documentation proj_doc_edit_page.php Stored cross site scripting$0-$5k$0-$5kNot DefinedOfficial Fix0.00CVE-2019-15539
2019-11-096.15.8MantisBT Attachment cross site scripting$0-$5k$0-$5kNot DefinedOfficial Fix0.00CVE-2009-2802
2019-11-075.35.1MantisBT Access Control privilege escalation$0-$5k$0-$5kNot DefinedOfficial Fix0.00CVE-2013-1811
2019-10-314.44.3MantisBT Configuration Report Page adm_config_report.php cross site scripting$0-$5k$0-$5kNot DefinedOfficial Fix0.00CVE-2013-1934
2019-10-314.84.6MantisBT Configuration Report Page adm_config_report.php cross site scripting$0-$5k$0-$5kNot DefinedOfficial Fix0.00CVE-2013-1932
2019-10-315.75.4MantisBT manage_proj_ver_delete.php cross site scripting$0-$5k$0-$5kNot DefinedOfficial Fix0.03CVE-2013-1931
2019-10-315.85.7MantisBT Workflow privilege escalation$0-$5k$0-$5kNot DefinedOfficial Fix0.57CVE-2013-1930

86 więcej wpisów nie jest pokazywanych

Do you want to use VulDB in your project?

Use the official API to access entries easily!