E08-yhfz1
CVSS:
9.0 (AV:N/AC:L/Au:S/C:C/I:C/A:C)
False Positive:
t
Year:
2008
Description
This strike exploits a post-authentication remote code execution vulnerability found in Mantis WebServer. The vulnerability is due to improper input validation passed to a sort parameter of the manage_proj_page.php resource. An attacker could exploit this vulnerability by crafting a special HTML POST request, resulting in a code execution condition under the privileges of the current user.