Vulnerabilities > CVE-2005-3307 - Remote File Include vulnerability in FlatNuke

047910
CVSS 5.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
NONE
Availability impact
NONE
network
low complexity
flatnuke
exploit available

Summary

Directory traversal vulnerability in index.php for FlatNuke 2.5.6 allows remote attackers to read arbitrary files via ".." sequences in the (1) user parameter in a profile operation or (2) quale parameter in a newtopic operation.

Vulnerable Configurations

Part Description Count
Application
Flatnuke
1

Exploit-Db

descriptionFlatNuke 2.5.x Index.PHP Multiple Remote File Include Vulnerabilities. CVE-2005-3307 . Webapps exploit for php platform
idEDB-ID:26384
last seen2016-02-03
modified2005-10-22
published2005-10-22
reporter[email protected]
sourcehttps://www.exploit-db.com/download/26384/
titleFlatNuke 2.5.x Index.PHP Multiple Remote File Include Vulnerabilities