Unrated severityNVD Advisory· Published Apr 30, 2008· Updated Jun 16, 2026
CVE-2008-2028
CVE-2008-2028
Description
miniBB 2.2, and possibly earlier, when register_globals is enabled, allows remote attackers to obtain the full path via a direct request to the glang parameter in a registernew action to index.php, which leaks the path in an error message.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
4News mentions
0No linked articles in our index yet.