CVEDB API

Vulnerabilities

Vulnerable Software

Mini-Pub: >> Mini-Pub Security Vulnerabilities

CVE-2008-5936

front-end/edit.php in mini-pub 0.3 and earlier allows remote attackers to read files and obtain PHP source code via a filename in the sFileName parameter.

CVSS Score

5.0

EPSS Score

0.02

Published

2009-01-22

CVE-2008-5883

Absolute path traversal vulnerability in front-end/dir.php in mini-pub 0.3 and earlier allows remote attackers to list arbitrary directories via a full pathname in the sDir parameter.

CVSS Score

7.8

EPSS Score

0.017

Published

2009-01-12

CVE-2008-5579

Absolute path traversal vulnerability in mini-pub.php/front-end/cat.php in mini-pub 0.3 allows remote attackers to read arbitrary files via a full pathname in the sFileName parameter.

CVSS Score

5.0

EPSS Score

0.017

Published

2008-12-15

CVE-2008-5580

mini-pub.php/front-end/cat.php in mini-pub 0.3 allows remote attackers to execute arbitrary commands via shell metacharacters in the sFileName argument.

CVSS Score

7.5

EPSS Score

0.029

Published

2008-12-15

CVE-2008-5581

PHP remote file inclusion vulnerability in mini-pub.php/front-end/img.php in mini-pub 0.3 allows remote attackers to execute arbitrary PHP code via a URL in the sFileName parameter.

CVSS Score

7.5

EPSS Score

0.011

Published

2008-12-15

Page 1

Vulnerabilities

Vulnerable Software

Mini-Pub: >> Mini-Pub Security Vulnerabilities

Products

Pricing

Contact Us