Vulnerabilities

CVE-2008-2028

by Fred · 30/04/2008

miniBB 2.2, and possibly earlier, when register_globals is enabled, allows remote attackers to obtain the full path via a direct request to the glang parameter in a registernew action to index.php, which leaks the path in an error message.

Date published : 2008-04-30

https://www.exploit-db.com/exploits/5494

http://www.minibb.net/forums/9_5110_0.html

Related

Tags: Cybersecurity Alert