Max CVSS 5.1 Min CVSS 4.3 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2010-4349 5.0
admin/upgrade_unattended.php in MantisBT before 1.2.4 allows remote attackers to obtain sensitive information via an invalid db_type parameter, which reveals the installation path in an error message, related to an unsafe call by MantisBT to a functi
17-08-2017 - 01:33 03-01-2011 - 20:00
CVE-2010-4350 5.1
Directory traversal vulnerability in admin/upgrade_unattended.php in MantisBT before 1.2.4 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the db_type parameter, related to an unsafe call by MantisBT to a fu
27-08-2013 - 03:07 03-01-2011 - 20:00
CVE-2010-4348 4.3
Cross-site scripting (XSS) vulnerability in admin/upgrade_unattended.php in MantisBT before 1.2.4 allows remote attackers to inject arbitrary web script or HTML via the db_type parameter, related to an unsafe call by MantisBT to a function in the ADO
27-08-2013 - 03:06 03-01-2011 - 20:00
CVE-2010-3763 4.3
Cross-site scripting (XSS) vulnerability in core/summary_api.php in MantisBT before 1.2.3 allows remote attackers to inject arbitrary web script or HTML via the Summary field, a different vector than CVE-2010-3303.
27-08-2013 - 03:05 05-10-2010 - 22:00
Back to Top Mark selected
Back to Top