Max CVSS 7.5 Min CVSS 4.3 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2005-3335 7.5
PHP file inclusion vulnerability in bug_sponsorship_list_view_inc.php in Mantis 1.0.0RC2 and 0.19.2 allows remote attackers to execute arbitrary PHP code and include arbitrary local files via the t_core_path parameter.
11-07-2017 - 01:33 27-10-2005 - 10:02
CVE-2005-3336 7.5
SQL injection vulnerability in Mantis 1.0.0RC2 and 0.19.2 allows remote attackers to execute arbitrary SQL commands via unknown vectors.
08-03-2011 - 02:26 27-10-2005 - 10:02
CVE-2005-3339 7.2
Mantis before 0.19.3 caches the User ID longer than necessary, which has unknown impact and attack vectors.
05-09-2008 - 20:54 27-10-2005 - 10:02
CVE-2005-3337 4.3
Multiple cross-site scripting (XSS) vulnerabilities in Mantis before 0.19.3 allow remote attackers to inject arbitrary web script or HTML via (1) unknown vectors involving Javascript and (2) mantis/view_all_set.php.
05-09-2008 - 20:54 27-10-2005 - 10:02
CVE-2005-3338 5.0
Unspecified vulnerability in Mantis before 0.19.3, when using reminders, causes Mantis to display the real email addresses of users.
05-09-2008 - 20:54 27-10-2005 - 10:02
Back to Top Mark selected
Back to Top