Mantis Manage_proj_page Remote Code Execution

This module exploits a Remote Code Execution vulnerability in Mantis version 1.1.3 caused by Mantis handling the sort parameter in manage_proj_page without the proper validation. This allows for remote code execution on Mantis' Web server.
Exploit type: 
Platform: 
Vulnerabilty ID: 
CVE-2008-4687
Product Version: 
8.0
Released Date: 
Wednesday, February 18, 2009 - 00:00