Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2006-6574

Mantis before 1.1.0a2 does not implement per-item access control for Issue History (Bug History), which allows remote attackers to obtain sensitive information by reading the Change column, as demonstrated by the Change column of a custom field.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.009
EPSS Ranking 74.4%
CVSS Severity
CVSS v2 Score 5.0
References
Products affected by CVE-2006-6574
  • Mantis » Mantis » Version: Any
    cpe:2.3:a:mantis:mantis:*
  • Mantis » Mantis » Version: 1.0.0
    cpe:2.3:a:mantis:mantis:1.0.0
  • Mantis » Mantis » Version: 1.0.0_rc1
    cpe:2.3:a:mantis:mantis:1.0.0_rc1
  • Mantis » Mantis » Version: 1.0.0_rc2
    cpe:2.3:a:mantis:mantis:1.0.0_rc2
  • Mantis » Mantis » Version: 1.0.0_rc3
    cpe:2.3:a:mantis:mantis:1.0.0_rc3
  • Mantis » Mantis » Version: 1.0.0_rc4
    cpe:2.3:a:mantis:mantis:1.0.0_rc4
  • Mantis » Mantis » Version: 1.0.0_rc5
    cpe:2.3:a:mantis:mantis:1.0.0_rc5
  • Mantis » Mantis » Version: 1.0.0a1
    cpe:2.3:a:mantis:mantis:1.0.0a1
  • Mantis » Mantis » Version: 1.0.0a2
    cpe:2.3:a:mantis:mantis:1.0.0a2
  • Mantis » Mantis » Version: 1.0.0a3
    cpe:2.3:a:mantis:mantis:1.0.0a3
  • Mantis » Mantis » Version: 1.0.1
    cpe:2.3:a:mantis:mantis:1.0.1
  • Mantis » Mantis » Version: 1.0.2
    cpe:2.3:a:mantis:mantis:1.0.2
  • Mantis » Mantis » Version: 1.0.3
    cpe:2.3:a:mantis:mantis:1.0.3
  • Mantis » Mantis » Version: 1.0.4
    cpe:2.3:a:mantis:mantis:1.0.4
  • Mantis » Mantis » Version: 1.0.5
    cpe:2.3:a:mantis:mantis:1.0.5
  • Mantis » Mantis » Version: 1.0.6
    cpe:2.3:a:mantis:mantis:1.0.6


Products
Pricing
Contact Us

Shodan ® - All rights reserved