CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Mantisbt: >> Mantisbt >> 1.2.14 Security Vulnerabilities

CVE-2014-2238

SQL injection vulnerability in the manage configuration page (adm_config_report.php) in MantisBT 1.2.13 through 1.2.16 allows remote authenticated administrators to execute arbitrary SQL commands via the filter_config_id parameter.

CVSS Score

6.5

EPSS Score

0.454

Published

2014-03-05

CVE-2013-4460

Cross-site scripting (XSS) vulnerability in account_sponsor_page.php in MantisBT 1.0.0 through 1.2.15 allows remote authenticated users to inject arbitrary web script or HTML via a project name.

CVSS Score

3.5

EPSS Score

0.002

Published

2014-01-10

Page 8

Vulnerabilities

Vulnerable Software

Mantisbt: >> Mantisbt >> 1.2.14 Security Vulnerabilities

Products

Pricing

Contact Us