MantisBT: master 7cc4539f

Author: dregad
Committer: dregad
Branch: master
Timestamp: 2014-12-27 07:34
Parent: master 75c87e67
Affected Issues:
 0017937: MantisBT Security Vulnerability Notification (HTB23243)
 0017940: CVE-2014-9573: SQL Injection in manage_user_page.php
 0019277: CVE-2014-9573: SQL Injection in manage_user_page.php
Changeset

Fix SQL injection in manage_user_page.php

This vulnerability (CVE-2014-9573) was reported by High-Tech Bridge
Security Research Lab (https://www.htbridge.com/) in issue 0017937
(advisory ID HTB23243).

To avoid injection, the parameters we get from the cookie are now
properly sanitized before being used in the SQL query.

Fixes 0017940

mod - manage_user_page.php