CyberSec.Space Logo
返回 CVE 浏览器

CVE-2006-6515

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0150%
EPSS Percentile43.89th
Published2006年12月14日
Last Modified2026年4月23日

Vulnerability Description

Mantis before 1.1.0a2 sets the default value of $g_bug_reminder_threshold to "reporter" instead of a more privileged role, which has unknown impact and attack vectors, possibly related to frequency of reminders.

Affected Platforms (CPE)

📦
Mantis

Mantis

<= 1.1.0a1
📦
Mantis

Mantis

= 1.0.0
📦
Mantis

Mantis

= 1.0.0_rc1
📦
Mantis

Mantis

= 1.0.0_rc2
📦
Mantis

Mantis

= 1.0.0_rc3
📦
Mantis

Mantis

= 1.0.0_rc4
📦
Mantis

Mantis

= 1.0.0_rc5
📦
Mantis

Mantis

= 1.0.0a1
📦
Mantis

Mantis

= 1.0.0a2
📦
Mantis

Mantis

= 1.0.0a3
📦
Mantis

Mantis

= 1.0.1
📦
Mantis

Mantis

= 1.0.2
📦
Mantis

Mantis

= 1.0.3
📦
Mantis

Mantis

= 1.0.4
📦
Mantis

Mantis

= 1.0.5
📦
Mantis

Mantis

= 1.0.6

References & Advisories

🔗 http://sourceforge.net/project/shownotes.php?release_id=469627
🔗 http://www.mantisbugtracker.com/changelog.php
🔗 http://sourceforge.net/project/shownotes.php?release_id=469627
🔗 http://www.mantisbugtracker.com/changelog.php

相关漏洞威胁

CVE-2006-066510.0

Unspecified vulnerability in (1) query_store.php and (2) manage_proj_create.php in Mantis before 1.0.0 has unknown impact and atta...

CVE-2002-111010.0

Multiple SQL injection vulnerabilities in Mantis 0.17.2 and earlier, when running without magic_quotes_gpc enabled, allows remote ...

CVE-2008-46879.0

manage_proj_page.php in Mantis before 1.1.4 allows remote authenticated users to execute arbitrary code via a sort parameter conta...

CVE-2021-341257.5

An issue discovered in Yuneec Mantis Q and PX4-Autopilot v 1.11.3 and below allow attacker to gain access to sensitive information...