MEDIUM
MiniGal
CVE published 2026-02-11
CVE-2026-25869
CVE-2026-25869 is a path traversal vulnerability in MiniGal Nano versions 0.3.5 and prior. The vulnerability is located in the index.php file and is caused by the application's improper handling of user-controlled input to the photos directory. An attacker can exploit this behavior to cause the application to enumerate and display image files from unintended filesystem locations that are readable by the w [truncated]