Vulnerabilities > CVE-2005-4449 - Remote Security vulnerability in Flatnuke 2.5.6
Attack vector
NETWORK Attack complexity
LOW Privileges required
SINGLE Confidentiality impact
NONE Integrity impact
PARTIAL Availability impact
NONE Summary
verify.php in FlatNuke 2.5.6 allows remote authenticated administrators to modify arbitrary PHP files by setting the file parameter to an arbitrary file and injecting the code into the body parameter. NOTE: if a FlatNuke administrator is normally assumed to be able to modify arbitrary content, then this issue does not cross privilege boundaries and would not be a vulnerability.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Exploit-Db
description | Flatnuke 2.5.6 Privilege Escalation / Remote Commands Execution Exploit. CVE-2005-4208,CVE-2005-4449. Webapps exploit for php platform |
id | EDB-ID:1367 |
last seen | 2016-01-31 |
modified | 2005-12-10 |
published | 2005-12-10 |
reporter | rgod |
source | https://www.exploit-db.com/download/1367/ |
title | Flatnuke 2.5.6 - Privilege Escalation / Remote Commands Execution Exploit |