Mantis Manage_proj_page Remote Code Execution

This module exploits a Remote Code Execution vulnerability in Mantis version 1.1.3 caused by Mantis handling the sort parameter in manage_proj_page without the proper validation. This allows for remote code execution on Mantis' Web server.
Exploit type: 
Vulnerabilty ID: 
Released Date: 
Tuesday, February 17, 2009 - 18:00