Vulnerabilities > CVE-2005-3307 - Remote File Include vulnerability in FlatNuke

047910
CVSS 5.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
NONE
Availability impact
NONE
network
low complexity
flatnuke
exploit available
NVD
Published: 2005-10-26
Updated: 2016-10-18

Summary

Directory traversal vulnerability in index.php for FlatNuke 2.5.6 allows remote attackers to read arbitrary files via ".." sequences in the (1) user parameter in a profile operation or (2) quale parameter in a newtopic operation.

Vulnerable Configurations

Part Description Count
Application
Flatnuke
1

Exploit-Db

descriptionFlatNuke 2.5.x Index.PHP Multiple Remote File Include Vulnerabilities. CVE-2005-3307 . Webapps exploit for php platform
idEDB-ID:26384
last seen2016-02-03
modified2005-10-22
published2005-10-22
reporter[email protected]
sourcehttps://www.exploit-db.com/download/26384/
titleFlatNuke 2.5.x Index.PHP Multiple Remote File Include Vulnerabilities

References