Roland Becker

6 exploits; active since Jan 2014
CVE-2019-15715 (HIGH) WRITEUP
MantisBT < 1.3.20 - Authenticated Remote Code Execution via Command Injection
MantisBT before 1.3.20 and 2.22.1 allows Post Authentication Command Injection, leading to Remote Code Execution.
CVSS 7.2
CVE-2013-4460 WRITEUP
MantisBT 1.0.0-1.2.15 - Authenticated Cross-Site Scripting via Project Name
Cross-site scripting (XSS) vulnerability in account_sponsor_page.php in MantisBT 1.0.0 through 1.2.15 allows remote authenticated users to inject arbitrary web script or HTML via a project name.
CVE-2017-12062 (MEDIUM) WRITEUP
MantisBT 2.0.0-2.5.1 - Cross-Site Scripting in Manage User Page Filter Field
An XSS issue was discovered in manage_user_page.php in MantisBT 2.x before 2.5.2. The 'filter' field is not sanitized before being rendered in the Manage User page, allowing remote attackers to execute arbitrary JavaScript code if CSP is disabled.
CVSS 6.1
CVE-2018-14504 (MEDIUM) WRITEUP
MantisBT 2.0.0-2.15.0 - Stored Cross-Site Scripting via Filter Name
An issue was discovered in manage_filter_edit_page.php in MantisBT 2.x through 2.15.0. A cross-site scripting (XSS) vulnerability in the Edit Filter page allows execution of arbitrary code (if CSP settings permit it) when displaying a filter with a crafted name (e.g., 'foobar" onclick="alert(1)').
CVSS 6.1
CVE-2019-15539 (MEDIUM) WRITEUP
MantisBT < 2.21.3 - Stored Cross-Site Scripting via Project Documentation Filename
The proj_doc_edit_page.php Project Documentation feature in MantisBT before 2.21.3 has a stored cross-site scripting (XSS) vulnerability, allowing execution of arbitrary code (if CSP settings permit it) after uploading an attachment with a crafted filename. The code is executed when editing the document's page.
CVSS 6.1
CVE-2025-62520 (MEDIUM) WRITEUP
MantisBT < 2.27.2 - Improper Authorization via Copy From Action
Mantis Bug Tracker (MantisBT) is an open source issue tracker. In versions 2.27.1 and below, due to insufficient access-level checks, any non-admin user with access to manage_config_columns_page.php can use the Copy From action to retrieve the columns configuration from a private project they have no access to. This issue is fixed in version 2.27.2.
CVSS 4.3