CVE-2005-3335 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2005-3335
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2005-3335

Description: PHP file inclusion vulnerability in bug_sponsorship_list_view_inc.php in Mantis 1.0.0RC2 and 0.19.2 allows remote attackers to execute arbitrary PHP code and include arbitrary local files via the t_core_path parameter.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/22886 ST 1015110 SREASON http://securityreason.com/securityalert/121 SAID Secunia Advisory: SA17654 Secunia Advisory: SA16506 Secunia Advisory: SA17362 Secunia Advisory: SA16818 MISC http://bugs.mantisbt.org/changelog_page.php http://secunia.com/secunia_research/2005-46/advisory/ GENTOO http://www.gentoo.org/security/en/glsa/glsa-200510-24.xml DEBIAN http://www.debian.org/security/2005/dsa-905 BID 15227 15212

Return to the previous page.