PHP file inclusion vulnerability in bug_sponsorship_list_view_inc.php in Mantis 1.0.0RC2 and 0.19.2 allows remote attackers to execute arbitrary PHP code and include arbitrary local files via the t_core_path parameter.
Software | From | Fixed in |
---|---|---|
mantis / mantis | 0.19.2 | 0.19.2.x |
mantis / mantis | 1.0.0_rc2 | 1.0.0_rc2.x |