| Max CVSS | 5.1 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2010-4349 | 5.0 |
admin/upgrade_unattended.php in MantisBT before 1.2.4 allows remote attackers to obtain sensitive information via an invalid db_type parameter, which reveals the installation path in an error message, related to an unsafe call by MantisBT to a functi
|
17-08-2017 - 01:33 | 03-01-2011 - 20:00 | |
| CVE-2010-4350 | 5.1 |
Directory traversal vulnerability in admin/upgrade_unattended.php in MantisBT before 1.2.4 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the db_type parameter, related to an unsafe call by MantisBT to a fu
|
27-08-2013 - 03:07 | 03-01-2011 - 20:00 | |
| CVE-2010-4348 | 4.3 |
Cross-site scripting (XSS) vulnerability in admin/upgrade_unattended.php in MantisBT before 1.2.4 allows remote attackers to inject arbitrary web script or HTML via the db_type parameter, related to an unsafe call by MantisBT to a function in the ADO
|
27-08-2013 - 03:06 | 03-01-2011 - 20:00 | |
| CVE-2010-3763 | 4.3 |
Cross-site scripting (XSS) vulnerability in core/summary_api.php in MantisBT before 1.2.3 allows remote attackers to inject arbitrary web script or HTML via the Summary field, a different vector than CVE-2010-3303.
|
27-08-2013 - 03:05 | 05-10-2010 - 22:00 |