CVE-2008-5883

mini-pub <0.3 - Path Traversal

Title source: llm

Description

Absolute path traversal vulnerability in front-end/dir.php in mini-pub 0.3 and earlier allows remote attackers to list arbitrary directories via a full pathname in the sDir parameter.

Exploits (1)

exploitdb WORKING POC VERIFIED

by GoLd_M · textwebappsphp

https://www.exploit-db.com/exploits/6734

View Code ZIP pw:eip

References (4)

[Exploit] http://www.securityfocus.com/bid/31733

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/45829

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/6734

[Third Party Advisory] http://securityreason.com/securityalert/4897

Scores

EPSS 0.0382

EPSS Percentile 87.9%

Classification

CWE

CWE-22

Status draft

Affected Products (4)

mini-pub/mini-pub < 0.3

mini-pub/mini-pub

Timeline

Published Jan 12, 2009

Tracked Since Feb 18, 2026