vendor:
mini-pub
by:
Unknown
N/A
CVSS
HIGH
Local Directory Traversal, File Disclosure
22
CWE
Product Name: mini-pub
Affected Version From: v0.3
Affected Version To: v0.3
Patch Exists: NO
Related CWE:
CPE: a:unknown:mini-pub:0.3
Platforms Tested:
2008
mini-pub.php <= v0.3 Local Directory Traversal / File Disclosure Vulnerabilities
The mini-pub.php script version 0.3 has vulnerabilities that allow local directory traversal and file disclosure. The vulnerability can be exploited by accessing specific URLs with parameters such as 'sDir' and 'sFileName'.
Mitigation:
Upgrade to a newer version of mini-pub.php or apply a patch provided by the vendor.