CyberSec.Space Logo
Back to CVE Browser

CVE-2006-6515

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0150%
EPSS Percentile43.89th
PublishedDec 14, 2006
Last ModifiedApr 23, 2026

Vulnerability Description

Mantis before 1.1.0a2 sets the default value of $g_bug_reminder_threshold to "reporter" instead of a more privileged role, which has unknown impact and attack vectors, possibly related to frequency of reminders.

Affected Platforms (CPE)

πŸ“¦
Mantis

Mantis

<= 1.1.0a1
πŸ“¦
Mantis

Mantis

= 1.0.0
πŸ“¦
Mantis

Mantis

= 1.0.0_rc1
πŸ“¦
Mantis

Mantis

= 1.0.0_rc2
πŸ“¦
Mantis

Mantis

= 1.0.0_rc3
πŸ“¦
Mantis

Mantis

= 1.0.0_rc4
πŸ“¦
Mantis

Mantis

= 1.0.0_rc5
πŸ“¦
Mantis

Mantis

= 1.0.0a1
πŸ“¦
Mantis

Mantis

= 1.0.0a2
πŸ“¦
Mantis

Mantis

= 1.0.0a3
πŸ“¦
Mantis

Mantis

= 1.0.1
πŸ“¦
Mantis

Mantis

= 1.0.2
πŸ“¦
Mantis

Mantis

= 1.0.3
πŸ“¦
Mantis

Mantis

= 1.0.4
πŸ“¦
Mantis

Mantis

= 1.0.5
πŸ“¦
Mantis

Mantis

= 1.0.6

References & Advisories

πŸ”— http://sourceforge.net/project/shownotes.php?release_id=469627
πŸ”— http://www.mantisbugtracker.com/changelog.php
πŸ”— http://sourceforge.net/project/shownotes.php?release_id=469627
πŸ”— http://www.mantisbugtracker.com/changelog.php

Related Vulnerabilities

CVE-2006-066510.0

Unspecified vulnerability in (1) query_store.php and (2) manage_proj_create.php in Mantis before 1.0.0 has unknown impact and atta...

CVE-2002-111010.0

Multiple SQL injection vulnerabilities in Mantis 0.17.2 and earlier, when running without magic_quotes_gpc enabled, allows remote ...

CVE-2008-46879.0

manage_proj_page.php in Mantis before 1.1.4 allows remote authenticated users to execute arbitrary code via a sort parameter conta...

CVE-2021-341257.5

An issue discovered in Yuneec Mantis Q and PX4-Autopilot v 1.11.3 and below allow attacker to gain access to sensitive information...