0024465: Security issue - MantisBT - Signup temporarily disabled due to spam

ID	Project	Category	View Status	Date Submitted	Last Update

0024465	mantisbt	security	public	2018-05-21 04:29	2018-06-06 00:39

Reporter	euro.dev	Assigned To	atrol
Priority	urgent	Severity	crash	Reproducibility	have not tried
Status	closed	Resolution	no change required
Product Version	2.13.0

Summary	0024465: Security issue
Description	Hi, I have a security issue with mantis installed in a subdomain. A hacker has installed WordPress in the main folder and overwrite index.php file and created a new database. Please help me fix this issue and show me if there is any corrections i can do.
Tags	No tags attached.

atrol 2018-05-21 04:35 developer ~0059885	A hacker has installed WordPress in the main folder and overwrite index.php file I don't see this is related to Mantis. We can't do anything in Mantis If someone has write access to the file system. Do you agree that we can close this issue?

atrol 2018-05-31 11:43 developer ~0059992	euro.dev, You did not provide any feedback; I am therefore resolving this issue as "no change required". Feel free to reopen the issue at a later time and provide the requested information.