Vulnerabilities > Mantis > Mantis > 1.0.0.rc3
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2006-02-13 | CVE-2006-0664 | Cross-Site Scripting vulnerability in Mantis Config_Defaults_Inc.PHP Cross-site scripting (XSS) vulnerability in config_defaults_inc.php in Mantis before 1.0 allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors. network mantis | 4.3 |
| 2005-12-28 | CVE-2005-4524 | Mantis 1.0.0rc3 does not properly handle "Make note private" when a bug is being resolved, which has unknown impact and attack vectors, probably related to an information leak. | 5.0 |
| 2005-12-28 | CVE-2005-4522 | Unspecified vulnerability in Mantis Multiple cross-site scripting (XSS) vulnerabilities in the view_filters_page.php filters script in Mantis 1.0.0rc3 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) view_type and (2) target_field parameters. network mantis | 4.3 |
| 2005-12-28 | CVE-2005-4521 | CRLF injection vulnerability in Mantis 1.0.0rc3 and earlier allows remote attackers to modify HTTP headers and conduct HTTP response splitting attacks via (1) the return parameter in login_cookie_test.php and (2) ref parameter in login_select_proj_page.php. | 5.0 |
| 2005-12-28 | CVE-2005-4520 | Unspecified vulnerability in Mantis Unspecified "port injection" vulnerabilities in filters in Mantis 1.0.0rc3 and earlier have unknown impact and attack vectors. | 5.0 |
| 2005-12-14 | CVE-2005-4238 | Cross-Site Scripting vulnerability in Mantis View_filters_page.PHP Cross-site scripting (XSS) vulnerability in view_filters_page.php in Mantis 1.0.0rc3 and earlier allows remote attackers to inject arbitrary web script or HTML via the target_field parameter. network mantis | 4.3 |