PHP file inclusion vulnerability in bug_sponsorship_list_view_inc.php in Mantis 1.0.0RC2 and 0.19.2 allows remote malicious users to execute arbitrary PHP code and include arbitrary local files via the t_core_path parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mantis mantis 0.19.2 |
||
mantis mantis 1.0.0_rc2 |