Lucene search
Ubuntu.comUB:CVE-2008-4687HistoryOct 22, 2008 - 12:00 a.m.
CVE-2008-4687
2008-10-2200:00:00
ubuntu.com
ubuntu.com
12
9 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:S/C:C/I:C/A:C
0.964 High
EPSS
Percentile
99.6%
manage_proj_page.php in Mantis before 1.1.4 allows remote authenticated
users to execute arbitrary code via a sort parameter containing PHP
sequences, which are processed by create_function within the multi_sort
function in core/utility_api.php.
Bugs
Notes
| Author | Note |
|---|---|
| kees | requires a registered user. |
Related
nessus
nessus
FreeBSD : mantis -- php code execution vulnerability (af2745c0-c3e0-11dd-a721-0030843d3802)
2008-12-08 00:00:00
GLSA-200812-07 : Mantis: Multiple vulnerabilities
2008-12-03 00:00:00
redhatcve
redhatcve
CVE-2008-4687
2019-10-04 20:36:35
openvas
openvas
FreeBSD Ports: mantis
2008-12-10 00:00:00
FreeBSD Ports: mantis
2008-12-10 00:00:00
Gentoo Security Advisory GLSA 200812-07 (mantisbt)
2008-12-03 00:00:00
zdt
zdt
Mantis manage_proj_page PHP Code Execution Exploit
2018-05-10 00:00:00
prion
prion
Design/Logic Flaw
2008-10-22 18:00:00
nvd
nvd
CVE-2008-4687
2008-10-22 18:00:01
cve
cve
CVE-2008-4687
2008-10-22 18:00:01
freebsd
freebsd
mantis -- php code execution vulnerability
2008-10-17 00:00:00
packetstorm
packetstorm
Mantis manage_proj_page PHP Code Execution
2018-05-09 00:00:00
cvelist
cvelist
CVE-2008-4687
2008-10-22 17:00:00
gentoo
gentoo
Mantis: Multiple vulnerabilities
2008-12-02 00:00:00
securityvulns
securityvulns
9 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:S/C:C/I:C/A:C
0.964 High
EPSS
Percentile
99.6%
Related for UB:CVE-2008-4687