Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2008-4687 PoC — Mantis 'manage_proj_page.php' PHP代码注入漏洞

Source
https://github.com/twisted007/mantis_rce
Associated Vulnerability
Title:Mantis 'manage_proj_page.php' PHP代码注入漏洞 (CVE-2008-4687)
Description:Mantis中的manage_proj_page.php允许远程认证用户借助包含PHP序列的sort参数执行任意代码。这些PHP序列会在core/utility_api.php中的multi_sort函数范围内被create_function处理。
Description
Python script to obtain RCE on Mantis Bug Tracker prior to version 1.2.x Check CVE-2008-4687 for additional information
Readme
# mantis_rce
Python script to obtain RCE on Mantis Bug Tracker prior to version 1.2.x
Check CVE-2008-4687 for additional information
File Snapshot

 [4.0K]  /data/pocs/b9faa689c90979402d760cba872b3828edacfafa
├── [1.8K]  exploitFINAL.py
└── [ 133]  README.md

0 directories, 2 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.