Absolute path traversal vulnerability in front-end/dir.php in mini-pub 0.3 and earlier allows remote attackers to list arbitrary directories via a full pathname in the sDir parameter.Referenceshttp://securityreason.com/securityalert/4897https://www.exploit-db.com/exploits/6734http://www.securityfocus.com/bid/31733https://exchange.xforce.ibmcloud.com/vulnerabilities/45829
