CVE-2006-0840

Name of the Vulnerable Software and Affected Versions Mantis versions 1.00rc4 and earlier

Description The issue arises from improper handling of a sort parameter containing a ' (quote) character in the manage user page.php file. This allows remote attackers to trigger a SQL error, which may be repeatedly reported to a user who makes subsequent web accesses with the MANTIS MANAGE COOKIE cookie.

Recommendations For Mantis versions 1.00rc4 and earlier, consider restricting access to the manage user page.php file until a fix is available. As a temporary workaround, avoid using the sort parameter with quote characters in the manage user page.php file to minimize the risk of triggering SQL errors.