mantis bugtracker

Check Version (Authenticated)

Manage > (Help icon)
/manage_overview_page.php

v1.3.0 / 2.3.0 Account Hijack (Auth Bypass)

• https://www.exploit-db.com/exploits/41890

/verify.php?id=1&confirm_hash=

v2.3.0 RCE (with account hijack)

• https://www.exploit-db.com/exploits/48818 (update headers)