CVE-2005-2557
Mantis 0.19.0a1-1.0.0a3 - Cross-Site Scripting via view_all_set.php dir Parameter
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2005-2557. PoCs published by anonymous.
AI-analyzed exploit summary The provided text describes multiple input validation vulnerabilities in Mantis, including XSS, HTML injection, and variable poisoning. It includes example URLs demonstrating these vulnerabilities but does not contain executable exploit code.
Description
Cross-site scripting (XSS) vulnerability in view_all_set.php in Mantis 0.19.0a1 through 1.0.0a3 allows remote attackers to inject arbitrary web script or HTML via the dir parameter, as identified by bug#0005959, and a different vulnerability than CVE-2005-3090.
Exploits (1)
The provided text describes multiple input validation vulnerabilities in Mantis, including XSS, HTML injection, and variable poisoning. It includes example URLs demonstrating these vulnerabilities but does not contain executable exploit code.