Full title: MantisBT Admin SQL Injection Arbitrary File Read Vulnerability 
Category: remote exploits
Platform: php
MantisBT versions 1.2.16 and below Metasploit module that leverages a remote SQL injection vulnerability to perform an arbitrary file read. Administrative credentials required.

# 0day.today @ http://0day.today/