The remote web server is hosting MantisBT, an open source bug tracking application written in PHP.
Versions of MantisBT 1.2.13 prior to 1.2.17 are affected by an input validation error related to the βfilter_config_idβ parameter in the script βadmin_config_report.phpβ, which could allow SQL injection attacks. This may allow an authenticated remote attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.
Binary data 8901.prm