Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1020 CNY

100%
Buy Us a Coffee

CVE-2008-4687 PoC — Mantis 'manage_proj_page.php' PHP代码注入漏洞

Source
https://github.com/twisted007/mantis_rce
Associated Vulnerability
Title:Mantis 'manage_proj_page.php' PHP代码注入漏洞 (CVE-2008-4687)
Description:manage_proj_page.php in Mantis before 1.1.4 allows remote authenticated users to execute arbitrary code via a sort parameter containing PHP sequences, which are processed by create_function within the multi_sort function in core/utility_api.php.
Description
Python script to obtain RCE on Mantis Bug Tracker prior to version 1.2.x Check CVE-2008-4687 for additional information
Readme
# mantis_rce
Python script to obtain RCE on Mantis Bug Tracker prior to version 1.2.x
Check CVE-2008-4687 for additional information
File Snapshot

 [4.0K]  /data/pocs/b9faa689c90979402d760cba872b3828edacfafa
├── [1.8K]  exploitFINAL.py
└── [ 133]  README.md

0 directories, 2 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →