cbcvebase.

Mini-Pub vulnerabilities

5 known vulnerabilities affecting mini-pub/mini-pub.

Total CVEs
5
CISA KEV
0
Public exploits
5
Exploited in wild
0
Severity breakdown
HIGH3MEDIUM2

Vulnerabilities

Page 1 of 1
CVE-2008-5580P3HIGHCVSS 7.5PoCv0.32008-12-15
CVE-2008-5580 [HIGH] CWE-20 CVE-2008-5580: mini-pub.php/front-end/cat.php in mini-pub 0.3 allows remote attackers to execute arbitrary commands mini-pub.php/front-end/cat.php in mini-pub 0.3 allows remote attackers to execute arbitrary commands via shell metacharacters in the sFileName argument.
nvd
CVE-2008-5581P3HIGHCVSS 7.5PoCv0.32008-12-15
CVE-2008-5581 [HIGH] CWE-20 CVE-2008-5581: PHP remote file inclusion vulnerability in mini-pub.php/front-end/img.php in mini-pub 0.3 allows rem PHP remote file inclusion vulnerability in mini-pub.php/front-end/img.php in mini-pub 0.3 allows remote attackers to execute arbitrary PHP code via a URL in the sFileName parameter.
nvd
CVE-2008-5883P3HIGHCVSS 7.8PoC≤ 0.3v0.1+2 more2009-01-12
CVE-2008-5883 [HIGH] CWE-22 CVE-2008-5883: Absolute path traversal vulnerability in front-end/dir.php in mini-pub 0.3 and earlier allows remote Absolute path traversal vulnerability in front-end/dir.php in mini-pub 0.3 and earlier allows remote attackers to list arbitrary directories via a full pathname in the sDir parameter.
nvd
CVE-2008-5579P4MEDIUMCVSS 5.0PoCv0.32008-12-15
CVE-2008-5579 [MEDIUM] CWE-22 CVE-2008-5579: Absolute path traversal vulnerability in mini-pub.php/front-end/cat.php in mini-pub 0.3 allows remot Absolute path traversal vulnerability in mini-pub.php/front-end/cat.php in mini-pub 0.3 allows remote attackers to read arbitrary files via a full pathname in the sFileName parameter.
nvd
CVE-2008-5936P4MEDIUMCVSS 5.0PoC≤ 0.3v0.1+2 more2009-01-22
CVE-2008-5936 [MEDIUM] CWE-200 CVE-2008-5936: front-end/edit.php in mini-pub 0.3 and earlier allows remote attackers to read files and obtain PHP front-end/edit.php in mini-pub 0.3 and earlier allows remote attackers to read files and obtain PHP source code via a filename in the sFileName parameter.
nvd
Mini-Pub vulnerabilities | cvebase