CVE-2007-3272

Name of the Vulnerable Software and Affected Versions MiniBB version 2.0.5

Description A directory traversal issue exists, allowing remote attackers to read arbitrary files. This is achieved by using a .. (dot dot) in the language parameter within a register action.

Recommendations For MiniBB version 2.0.5, consider restricting access to the language parameter in the register action to prevent exploitation until a fix is available. As a temporary workaround, disabling the register action or limiting file access through the index.php file may help minimize the risk.