Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
flatnuke3 flatnuke3 vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2007-5774
index.php in the File Manager module in Flatnuke 3 allows remote malicious users to obtain sensitive information via an invalid argumentname parameter in a disc op action, which reveals the path in an error message.
Flatnuke3 Flatnuke3
1 EDB exploit
7.5
CVSSv2
CVE-2007-5771
Flatnuke 3 (aka FlatnuX) allows remote malicious users to obtain administrative access via a myforum%00 cookie.
Flatnuke3 Flatnuke3
1 EDB exploit
6
CVSSv2
CVE-2007-5772
Direct static code injection vulnerability in the download module in Flatnuke 3 allows remote authenticated administrators to inject arbitrary PHP code into a description.it.php file in a subdirectory of Download/ by saving a description and setting fneditmode to 1. NOTE: unauthe...
Flatnuke3 Flatnuke3
1 EDB exploit
4.3
CVSSv2
CVE-2007-5773
Cross-site request forgery (CSRF) vulnerability in index.php in the File Manager module in Flatnuke 3 allows remote malicious users to perform certain actions as administrators via requests containing the pathname in the dir parameter and the filename in the ffile parameter.
Flatnuke3 Flatnuke3
1 EDB exploit
5.1
CVSSv2
CVE-2009-0572
PHP remote file inclusion vulnerability in include/flatnux.php in FlatnuX CMS (aka Flatnuke3) 2009-01-27 and 2009-02-04, when register_globals is enabled and magic_quotes_gpc disabled, allows remote malicious users to execute arbitrary PHP code via a URL in the _FNROOTPATH parame...
Flatnux Flatnux 2009-01-27
Flatnux Flatnux 2009-02-04
1 EDB exploit
4.3
CVSSv2
CVE-2008-5759
Cross-site scripting (XSS) vulnerability in FlatnuX CMS (aka Flatnuke3) 2008-12-11 allows remote malicious users to inject arbitrary web script or HTML via the name parameter in an updaterecord action to index.php in the 08_Files module. NOTE: the provenance of this information i...
Flatnux Flatnux 2008-12-11
1 EDB exploit
4.3
CVSSv2
CVE-2008-5761
Multiple cross-site scripting (XSS) vulnerabilities in FlatnuX CMS (aka Flatnuke3) 2008-12-11 allow remote malicious users to inject arbitrary web script or HTML via (1) the mod parameter to the default URI; (2) the foto parameter to photo.php in the 05_Foto module; or (3) the na...
Flatnux Flatnux 2008-12-11
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
HTML injection
CVE-2024-35894
SQL
CVE-2024-5105
CVE-2014-100005
CVE-2024-35895
unauthorized
CVE-2024-22120
CVE-2024-35890
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started