CVE-2006-0841

Mantis <= 1.00rc4 - Cross-Site Scripting via Multiple Parameters

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 2 public exploits for CVE-2006-0841. PoCs published by Thomas Waldegger.

AI-analyzed exploit summary The provided text describes multiple input-validation vulnerabilities in Mantis, including XSS and SQL injection. It lists various URLs with parameters susceptible to XSS attacks but does not include executable exploit code.

Description

Multiple cross-site scripting (XSS) vulnerabilities in Mantis 1.00rc4 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) hide_status, (2) handler_id, (3) user_monitor, (4) reporter_id, (5) view_type, (6) show_severity, (7) show_category, (8) show_status, (9) show_resolution, (10) show_build, (11) show_profile, (12) show_priority, (13) highlight_changed, (14) relationship_type, and (15) relationship_bug parameters in (a) view_all_set.php; the (16) sort parameter in (b) manage_user_page.php; the (17) view_type parameter in (c) view_filters_page.php; and the (18) title parameter in (d) proj_doc_delete.php. NOTE: item 17 might be subsumed by CVE-2005-4522.

Exploits (2)

exploitdb WRITEUP VERIFIED
by Thomas Waldegger · textwebappsphp
https://www.exploit-db.com/exploits/27228

The provided text describes multiple input-validation vulnerabilities in Mantis, including XSS and SQL injection. It lists various URLs with parameters susceptible to XSS attacks but does not include executable exploit code.

Classification
Writeup 90%
Attack Type
Xss
Complexity
Trivial
Reliability
Theoretical
Target: Mantis (version not specified)
No auth needed
Prerequisites: Access to the vulnerable Mantis instance
MITRE ATT&CK
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WRITEUP VERIFIED
by Thomas Waldegger · textwebappsphp
https://www.exploit-db.com/exploits/27229

The provided text describes multiple input-validation vulnerabilities in Mantis, including XSS and SQL injection, but does not contain actual exploit code. It references a URL parameter vulnerable to XSS.

Classification
Writeup 90%
Attack Type
Xss
Complexity
Trivial
Reliability
Theoretical
Target: Mantis (version not specified)
No auth needed
Prerequisites: Access to a vulnerable Mantis instance
MITRE ATT&CK
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (9)

Core 9
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/16657
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/21400
Third Party Advisory vendor-advisory x_refsource_debian
http://www.debian.org/security/2006/dsa-1133
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/425046/100/0/threaded
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/23248
Exploit, Patch, Vendor Advisory x_refsource_misc
http://morph3us.org/advisories/20060214-mantis-100rc4.txt
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/22487

Scores

EPSS 0.0534
EPSS Percentile 91.6%

Details

Status published
Products (50)
mantis/mantis 0.9
mantis/mantis 0.9.0
mantis/mantis 0.9.1
mantis/mantis 0.10
mantis/mantis 0.10.0
mantis/mantis 0.10.1
mantis/mantis 0.10.2
mantis/mantis 0.11
mantis/mantis 0.11.0
mantis/mantis 0.11.1
... and 40 more
Published Feb 22, 2006
Tracked Since Feb 18, 2026