Description
PHP file inclusion vulnerability in bug_sponsorship_list_view_inc.php in Mantis 1.0.0RC2 and 0.19.2 allows remote attackers to execute arbitrary PHP code and include arbitrary local files via the t_core_path parameter.
Analysis and contextual insights are available on OpenCVE Cloud.
Remediation
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
Advisories
| Source | ID | Title |
|---|---|---|
Debian DSA |
DSA-905-1 | New mantis packages fix several vulnerabilities |
EUVD |
EUVD-2005-3334 | PHP file inclusion vulnerability in bug_sponsorship_list_view_inc.php in Mantis 1.0.0RC2 and 0.19.2 allows remote attackers to execute arbitrary PHP code and include arbitrary local files via the t_core_path parameter. |
References
History
No history.
Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2024-08-07T23:10:08.487Z
Reserved: 2005-10-27T00:00:00.000Z
Link: CVE-2005-3335
No data.
Status : Modified
Published: 2005-10-27T10:02:00.000
Modified: 2026-06-16T22:16:45.023
Link: CVE-2005-3335
No data.
OpenCVE Enrichment
No data.
Weaknesses
Debian DSA
EUVD