Mini-pub : Security Vulnerabilities, CVEs,
front-end/edit.php in mini-pub 0.3 and earlier allows remote attackers to read files and obtain PHP source code via a filename in the sFileName parameter.
Max CVSS
5.0
EPSS Score
0.37%
Published
2009-01-22
Updated
2017-09-29
Absolute path traversal vulnerability in front-end/dir.php in mini-pub 0.3 and earlier allows remote attackers to list arbitrary directories via a full pathname in the sDir parameter.
Max CVSS
7.8
EPSS Score
0.50%
Published
2009-01-12
Updated
2017-09-29
PHP remote file inclusion vulnerability in mini-pub.php/front-end/img.php in mini-pub 0.3 allows remote attackers to execute arbitrary PHP code via a URL in the sFileName parameter.
Max CVSS
7.5
EPSS Score
0.69%
Published
2008-12-15
Updated
2018-10-11
mini-pub.php/front-end/cat.php in mini-pub 0.3 allows remote attackers to execute arbitrary commands via shell metacharacters in the sFileName argument.
Max CVSS
7.5
EPSS Score
0.80%
Published
2008-12-15
Updated
2018-10-11
Absolute path traversal vulnerability in mini-pub.php/front-end/cat.php in mini-pub 0.3 allows remote attackers to read arbitrary files via a full pathname in the sFileName parameter.
Max CVSS
5.0
EPSS Score
0.34%
Published
2008-12-15
Updated
2018-10-11
5 vulnerabilities found