Vulnerabilities > Flatnuke3

DATE	CVE	VULNERABILITY TITLE	RISK
2007-11-01	CVE-2007-5774	Information Exposure vulnerability in Flatnuke3 index.php in the File Manager module in Flatnuke 3 allows remote attackers to obtain sensitive information via an invalid argumentname parameter in a disc op action, which reveals the path in an error message. network low complexity flatnuke3 CWE-200	5.0
2007-11-01	CVE-2007-5773	Cross-Site Request Forgery (CSRF) vulnerability in Flatnuke3 Cross-site request forgery (CSRF) vulnerability in index.php in the File Manager module in Flatnuke 3 allows remote attackers to perform certain actions as administrators via requests containing the pathname in the dir parameter and the filename in the ffile parameter. network flatnuke3 CWE-352	4.3
2007-11-01	CVE-2007-5772	Code Injection vulnerability in Flatnuke3 Direct static code injection vulnerability in the download module in Flatnuke 3 allows remote authenticated administrators to inject arbitrary PHP code into a description.it.php file in a subdirectory of Download/ by saving a description and setting fneditmode to 1. network flatnuke3 CWE-94	6.0
2007-11-01	CVE-2007-5771	Permissions, Privileges, and Access Controls vulnerability in Flatnuke3 Flatnuke 3 (aka FlatnuX) allows remote attackers to obtain administrative access via a myforum%00 cookie. network low complexity flatnuke3 CWE-264	7.5

Vulnerabilities > Flatnuke3 {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Flatnuke3"}]}