Secunia Logo  


Secunia PSI WorldMap
 
CVE Reference: CVE-2005-3335
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE:
CVE-2005-3335

Description:
PHP file inclusion vulnerability in bug_sponsorship_list_view_inc.php in Mantis 1.0.0RC2 and 0.19.2 allows remote attackers to execute arbitrary PHP code and include arbitrary local files via the t_core_path parameter.

CVE Status:
Candidate

References:

XF
  http://xforce.iss.net/xforce/xfdb/22886

ST
  1015110

SREASON
  http://securityreason.com/securityalert/121

SAID
  Secunia Advisory: SA17654
  Secunia Advisory: SA16506
  Secunia Advisory: SA17362
  Secunia Advisory: SA16818

MISC
  http://bugs.mantisbt.org/changelog_page.php
  http://secunia.com/secunia_research/2005-46/advisory/

GENTOO
  http://www.gentoo.org/security/en/glsa/glsa-200510-24.xml

DEBIAN
  http://www.debian.org/security/2005/dsa-905

BID
  15227
  15212


Return to the previous page.