Lucene search
FreeBSDAF2745C0-C3E0-11DD-A721-0030843D3802HistoryOct 17, 2008 - 12:00 a.m.
mantis -- php code execution vulnerability
2008-10-1700:00:00
vuxml.freebsd.org
12
0.963 High
EPSS
Percentile
99.5%
Secunia reports:
EgiX has discovered a vulnerability in Mantis, which can be
exploited by malicious users to compromise a vulnerable system.
Input passed to the “sort” parameter in manage_proj_page.php is not
properly sanitised before being used in a “create_function()” call.
This can be exploited to execute arbitrary PHP code.
References
Related
ubuntucve
ubuntucve
CVE-2008-4687
2008-10-22 00:00:00
redhatcve
redhatcve
CVE-2008-4687
2019-10-04 20:36:35
nessus
nessus
FreeBSD : mantis -- php code execution vulnerability (af2745c0-c3e0-11dd-a721-0030843d3802)
2008-12-08 00:00:00
GLSA-200812-07 : Mantis: Multiple vulnerabilities
2008-12-03 00:00:00
openvas
openvas
FreeBSD Ports: mantis
2008-12-10 00:00:00
FreeBSD Ports: mantis
2008-12-10 00:00:00
Gentoo Security Advisory GLSA 200812-07 (mantisbt)
2008-12-03 00:00:00
zdt
zdt
Mantis manage_proj_page PHP Code Execution Exploit
2018-05-10 00:00:00
prion
prion
Design/Logic Flaw
2008-10-22 18:00:00
packetstorm
packetstorm
Mantis manage_proj_page PHP Code Execution
2018-05-09 00:00:00
cve
cve
CVE-2008-4687
2008-10-22 18:00:00
cvelist
cvelist
CVE-2008-4687
2008-10-22 17:00:00
gentoo
gentoo
Mantis: Multiple vulnerabilities
2008-12-02 00:00:00
securityvulns
securityvulns