PT-2009-2402 · Minigal · Minigal

Alfons Luja · Published 2009-08-11 · Updated 2017-09-29 · CVE-2008-6933

CVSS v2.0: 5.0 (Medium)

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Name of the Vulnerable Software and Affected Versions: MiniGal version b13
Description: A directory traversal issue in index.php allows remote attackers to read the source code of .php files, and possibly the content of other files, via a .. (dot dot) in the list parameter.
Recommendations: For MiniGal version b13, consider restricting access to the index.php file until a patch is available. As a temporary workaround, avoid using the list parameter in the affected API endpoint until the issue is resolved.

Exploit

Fix

Path traversal


Weakness Enumeration

Related Identifiers

CVE-2008-6933

Affected Products

Minigal