CVE-2008-6933

Minigal - Path Traversal

Title source: rule

Description

Directory traversal vulnerability in index.php in MiniGal b13 (aka MG2) allows remote attackers to read the source code of .php files, and possibly the content of other files, via a .. (dot dot) in the list parameter.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Alfons Luja · phpwebappsphp

https://www.exploit-db.com/exploits/7130

View Code ZIP pw:eip

References (3)

[Exploit] http://www.securityfocus.com/bid/32312

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/46635

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/7130

Scores

EPSS 0.0312

EPSS Percentile 86.9%

Details

CWE

CWE-22

Status published

Products (1)

minigal/minigal b13

Published Aug 11, 2009

Tracked Since Feb 18, 2026