Vulnerabilities > CVE-2005-1893 - Information Disclosure vulnerability in Flatnuke 2.5.3

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

NONE

Availability impact

NONE

network

low complexity

flatnuke

exploit available

NVD

Published: 2005-06-09

Updated: 2011-03-08

Summary

FlatNuke 2.5.3 allows remote attackers to obtain sensitive information via invalid parameters to certain scripts, which leaks the web document root in an error message.

Vulnerable Configurations

Part	Description	Count
Application	Flatnuke Flatnuke Flatnuke 2.5.3	1

Exploit-Db

description	FlatNuke 2.5.x index.php where Variable Path Disclosure. CVE-2005-1893. Webapps exploit for php platform
id	EDB-ID:25799
last seen	2016-02-03
modified	2005-06-07
published	2005-06-07
reporter	SecWatch
source	https://www.exploit-db.com/download/25799/
title	FlatNuke 2.5.x index.php where Variable Path Disclosure

References

http://flatnuke.sourceforge.net/index.php?mod=read&id=1117979256
http://secunia.com/advisories/15603
http://securitytracker.com/id?1014114
http://secwatch.org/advisories/secwatch/20050604_flatnuke.txt
http://www.vupen.com/english/advisories/2005/0697