CVE-2008-4687 | Mantis up to 1.1.3 Utility manage_proj_page.php multi_sort code injection (EDB-44611 / Nessus ID 35057)
A vulnerability classified as very critical has been found in Mantis up to 1.1.3. Affected is the function multi_sort of the file manage_proj_page.php of the component Utility. The manipulation of the argument sort leads to code injection.
This vulnerability is traded as CVE-2008-4687. It is possible to launch the attack remotely. Furthermore, there is an exploit available.
It is recommended to upgrade the affected component.