Vulnerabilities (CVE)

Filtered by vendor Mini-pub Subscribe
Filtered by product Mini-pub
Total 5 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2008-5936 1 Mini-pub 1 Mini-pub 2024-11-21 5.0 MEDIUM N/A
front-end/edit.php in mini-pub 0.3 and earlier allows remote attackers to read files and obtain PHP source code via a filename in the sFileName parameter.
CVE-2008-5883 1 Mini-pub 1 Mini-pub 2024-11-21 7.8 HIGH N/A
Absolute path traversal vulnerability in front-end/dir.php in mini-pub 0.3 and earlier allows remote attackers to list arbitrary directories via a full pathname in the sDir parameter.
CVE-2008-5581 1 Mini-pub 1 Mini-pub 2024-11-21 7.5 HIGH N/A
PHP remote file inclusion vulnerability in mini-pub.php/front-end/img.php in mini-pub 0.3 allows remote attackers to execute arbitrary PHP code via a URL in the sFileName parameter.
CVE-2008-5580 1 Mini-pub 1 Mini-pub 2024-11-21 7.5 HIGH N/A
mini-pub.php/front-end/cat.php in mini-pub 0.3 allows remote attackers to execute arbitrary commands via shell metacharacters in the sFileName argument.
CVE-2008-5579 1 Mini-pub 1 Mini-pub 2024-11-21 5.0 MEDIUM N/A
Absolute path traversal vulnerability in mini-pub.php/front-end/cat.php in mini-pub 0.3 allows remote attackers to read arbitrary files via a full pathname in the sFileName parameter.