Vulnerabilities > Flatnuke > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-05-02 | CVE-2005-0267 | Unspecified vulnerability in Flatnuke 2.5.1 index.php in FlatNuke 2.5.1 allows remote attackers to create an administrator account via carriage returns and #10 in the url_avatar field, which is interpreted as a sensitive directive. | 7.5 |
| 2005-01-03 | CVE-2005-0268 | Unspecified vulnerability in Flatnuke 2.5.1 Direct code injection vulnerability in FlatNuke 2.5.1 allows remote attackers to execute arbitrary PHP code by placing the code into the url_avatar field. | 7.5 |