Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
flatnuke3 flatnuke3 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2007-5771
Flatnuke 3 (aka FlatnuX) allows remote malicious users to obtain administrative access via a myforum%00 cookie.
Flatnuke3 Flatnuke3
1 EDB exploit
6
CVSSv2
CVE-2007-5772
Direct static code injection vulnerability in the download module in Flatnuke 3 allows remote authenticated administrators to inject arbitrary PHP code into a description.it.php file in a subdirectory of Download/ by saving a description and setting fneditmode to 1. NOTE: unauthe...
Flatnuke3 Flatnuke3
1 EDB exploit
4.3
CVSSv2
CVE-2007-5773
Cross-site request forgery (CSRF) vulnerability in index.php in the File Manager module in Flatnuke 3 allows remote malicious users to perform certain actions as administrators via requests containing the pathname in the dir parameter and the filename in the ffile parameter.
Flatnuke3 Flatnuke3
1 EDB exploit
5
CVSSv2
CVE-2007-5774
index.php in the File Manager module in Flatnuke 3 allows remote malicious users to obtain sensitive information via an invalid argumentname parameter in a disc op action, which reveals the path in an error message.
Flatnuke3 Flatnuke3
1 EDB exploit
5.1
CVSSv2
CVE-2009-0572
PHP remote file inclusion vulnerability in include/flatnux.php in FlatnuX CMS (aka Flatnuke3) 2009-01-27 and 2009-02-04, when register_globals is enabled and magic_quotes_gpc disabled, allows remote malicious users to execute arbitrary PHP code via a URL in the _FNROOTPATH parame...
Flatnux Flatnux 2009-01-27
Flatnux Flatnux 2009-02-04
1 EDB exploit
4.3
CVSSv2
CVE-2008-5759
Cross-site scripting (XSS) vulnerability in FlatnuX CMS (aka Flatnuke3) 2008-12-11 allows remote malicious users to inject arbitrary web script or HTML via the name parameter in an updaterecord action to index.php in the 08_Files module. NOTE: the provenance of this information i...
Flatnux Flatnux 2008-12-11
1 EDB exploit
4.3
CVSSv2
CVE-2008-5761
Multiple cross-site scripting (XSS) vulnerabilities in FlatnuX CMS (aka Flatnuke3) 2008-12-11 allow remote malicious users to inject arbitrary web script or HTML via (1) the mod parameter to the default URI; (2) the foto parameter to photo.php in the 05_Foto module; or (3) the na...
Flatnux Flatnux 2008-12-11
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
privilege escalation
CVE-2024-20696
CVE-2024-29829
CVE-2024-33999
CVE-2024-35646
physical
CVE-2024-24919
CVE-2024-31030
local users
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started