This module exploits a Remote Code Execution vulnerability in Mantis version 1.1.3 caused by Mantis handling the sort parameter in manage_proj_page without the proper validation. This allows for remote code execution on Mantis' Web server. This module starts a web server on the Core Impact Console to publish the agent, which is downloaded from the target.
CVE Link
Product Name