FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

mantis -- php code execution vulnerability

Affected packages
mantis < 1.1.4

Details

VuXML ID af2745c0-c3e0-11dd-a721-0030843d3802
Discovery 2008-10-17
Entry 2008-12-06

Secunia reports:

EgiX has discovered a vulnerability in Mantis, which can be exploited by malicious users to compromise a vulnerable system.

Input passed to the "sort" parameter in manage_proj_page.php is not properly sanitised before being used in a "create_function()" call. This can be exploited to execute arbitrary PHP code.
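
The pattern Secunia describes, shown as an added illustration in PHP; this is not code from Mantis or from the VuXML entry. A request-supplied field name is concatenated into the source string handed to create_function(), so a value that closes the strcasecmp() expression runs attacker-chosen PHP; the allow-listed comparator beside it never turns user input into code. The project rows, field names, function names and the sample payload are constructed for the example.

```php
<?php
// Added illustration, not Mantis code: a sort parameter interpolated into a
// create_function() body versus an allow-listed comparator with a closure.

// Constructed sample data standing in for project rows.
function sample_projects(): array {
    return [
        (object)['id' => 3, 'name' => 'zeta'],
        (object)['id' => 1, 'name' => 'alpha'],
        (object)['id' => 2, 'name' => 'beta'],
    ];
}

// Vulnerable pattern (hypothetical reconstruction, not the actual Mantis
// source): the field name from the request becomes part of PHP source, so a
// value that closes the expression runs arbitrary code, for example
//   sort=name,$b->name);system("id");//
// create_function() is deprecated since PHP 7.2 and removed in PHP 8, so this
// branch is only reachable on old interpreters and is guarded accordingly.
function sort_projects_vulnerable(array $projects, string $sort): array {
    if (!function_exists('create_function')) {
        throw new RuntimeException('create_function() is unavailable on this PHP');
    }
    $cmp = create_function(
        '$a, $b',
        'return strcasecmp($a->' . $sort . ', $b->' . $sort . ');'
    );
    usort($projects, $cmp);
    return $projects;
}

// Hardened form: the untrusted value is matched against a fixed allow-list of
// column names and the comparison is a closure, so no request text is ever
// evaluated as code. Unknown values fall back to a known-good default; a
// stricter variant would reject the request instead.
function sort_projects_safe(array $projects, string $sort): array {
    $allowed = ['id', 'name'];
    if (!in_array($sort, $allowed, true)) {
        $sort = 'name';
    }
    usort($projects, function ($a, $b) use ($sort) {
        return strcasecmp((string)$a->$sort, (string)$b->$sort);
    });
    return $projects;
}

// Constructed payload of the kind that would inject code under the
// create_function() variant; the allow-list rejects it and the rows are
// simply sorted on the default field.
$payload = 'name,$b->name);system("id");//';
foreach (sort_projects_safe(sample_projects(), $payload) as $p) {
    echo $p->id, ' ', $p->name, PHP_EOL;
}
```

The fix is structural rather than a matter of escaping: once a request value is part of a code string there is no reliable way to sanitise it, so the safe version keeps the field name as data (an array lookup) and builds the comparator from a closure instead of from text.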

References

CVE Name CVE-2008-4687
URL http://secunia.com/advisories/32314/