CVE-2008-2028

miniBB 2.2, and possibly earlier, when register_globals is enabled, allows remote attackers to obtain the full path via a direct request to the glang parameter in a registernew action to index.php, which leaks the path in an error message.
Configurations

Configuration 1

cpe:2.3:a:minibb:minibb:*:*:*:*:*:*:*:*

Information

Published : 2008-04-30 04:17

Updated : 2017-09-29 01:30


NVD link : CVE-2008-2028

Mitre link : CVE-2008-2028

Products Affected
No products.
CWE