CNNVD-202602-1908 Information

CNNVD ID

CNNVD-202602-1908

Related CVE

CVE-2026-25869

• CNNVD Published: 2026-02-11

Description (Chinese)

MiniGal Nano是rybber个人开发者的一个PHP相册程序。 MiniGal Nano 0.3.5及之前版本存在路径遍历漏洞，该漏洞源于index.php中dir参数存在路径遍历问题，可能导致枚举和显示来自非预期文件系统位置的图像文件。

Description (English)

MiniGal Nano is a PHP album program for rybber personal developers. MiniGal Nano 0.3.5 and previous versions have path-to-path loopholes, which stem from the dir parameters in index.php with routing problems that may lead to the listing and display of image files from unexpected file system locations.

Vulnerability Type

路径遍历

Affected Vendor

个人开发者

Published

2026-02-11

Last Modified

2026-02-24

References

https://sourceforge.net/projects/minigalnano/ http://www.minigal.dk/minigal-nano.html https://web.archive.org/web/20180330004313/ https://www.vulncheck.com/advisories/minigal-nano-path-traversal-via-dir-parameter https://access.redhat.com/security/cve/cve-2026-25869