Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
43 vulnerabilities found for flatnuke by flatnuke
VAR-201402-0268
Vulnerability from variot - Updated: 2023-12-18 13:34Cross-site scripting (XSS) vulnerability in adminui/user_list.php on the Dell KACE K1000 management appliance 5.5.90545 allows remote attackers to inject arbitrary web script or HTML via the LABEL_ID parameter. (CWE-79). Dell Provided by KACE K1000 Contains a cross-site scripting vulnerability. FlatNuke is a web content management system (CMS) based on text files. When a user browses an affected website, their browser will execute arbitrary script code provided by the attacker, which may cause the attacker to steal cookie-based authentication and launch other attacks. There are vulnerabilities in FlatNuke version 3.1.2, other versions may also be affected. Dell KACE K1000 is a set of IT equipment management solutions in the KACE system management series of Dell (Dell). This solution provides functions such as software distribution, configuration management, patch installation, and security vulnerability remediation. The vulnerability is caused by the fact that the adminui/user_list.php page does not sufficiently filter the 'LABEL_ID' parameter
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201402-0268",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "kace k1000 systems management appliance software",
"scope": "eq",
"trust": 1.6,
"vendor": "dell",
"version": "5.5.90545"
},
{
"model": "kace k1000 systems management appliance",
"scope": "eq",
"trust": 1.0,
"vendor": "dell",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "dell computer",
"version": null
},
{
"model": "kace k1000 systems management appliance",
"scope": null,
"trust": 0.8,
"vendor": "dell",
"version": null
},
{
"model": "kace k1000 systems management appliance software",
"scope": "lte",
"trust": 0.8,
"vendor": "dell",
"version": "version 5.5.90545"
},
{
"model": "flatnuke",
"scope": "eq",
"trust": 0.3,
"vendor": "flatnuke",
"version": "3.1.2"
},
{
"model": "flatnuke",
"scope": "ne",
"trust": 0.3,
"vendor": "flatnuke",
"version": "3.1.3"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#813382"
},
{
"db": "BID",
"id": "65309"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001310"
},
{
"db": "NVD",
"id": "CVE-2014-0330"
},
{
"db": "CNNVD",
"id": "CNNVD-201402-082"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:dell:kace_k1000_systems_management_appliance_software:5.5.90545:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:dell:kace_k1000_systems_management_appliance:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2014-0330"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Canberk Bolat.",
"sources": [
{
"db": "BID",
"id": "65309"
},
{
"db": "CNNVD",
"id": "CNNVD-201402-361"
}
],
"trust": 0.9
},
"cve": "CVE-2014-0330",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT DEFINED",
"baseScore": 4.3,
"collateralDamagePotential": "NOT DEFINED",
"confidentialityImpact": "PARTIAL",
"confidentialityRequirement": "NOT DEFINED",
"enviromentalScore": 3.5,
"exploitability": "UNPROVEN",
"exploitabilityScore": 8.6,
"id": "CVE-2014-0330",
"impactScore": 2.9,
"integrityImpact": "NONE",
"integrityRequirement": "NOT DEFINED",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"remediationLevel": "WORKAROUND",
"reportConfidence": "CONFIRMED",
"severity": "MEDIUM",
"targetDistribution": "NOT DEFINED",
"trust": 0.8,
"userInterationRequired": null,
"vector_string": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.3,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2014-0330",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-67823",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2014-0330",
"trust": 2.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201402-082",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-67823",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#813382"
},
{
"db": "VULHUB",
"id": "VHN-67823"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001310"
},
{
"db": "NVD",
"id": "CVE-2014-0330"
},
{
"db": "CNNVD",
"id": "CNNVD-201402-082"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cross-site scripting (XSS) vulnerability in adminui/user_list.php on the Dell KACE K1000 management appliance 5.5.90545 allows remote attackers to inject arbitrary web script or HTML via the LABEL_ID parameter. (CWE-79). Dell Provided by KACE K1000 Contains a cross-site scripting vulnerability. FlatNuke is a web content management system (CMS) based on text files. When a user browses an affected website, their browser will execute arbitrary script code provided by the attacker, which may cause the attacker to steal cookie-based authentication and launch other attacks. There are vulnerabilities in FlatNuke version 3.1.2, other versions may also be affected. Dell KACE K1000 is a set of IT equipment management solutions in the KACE system management series of Dell (Dell). This solution provides functions such as software distribution, configuration management, patch installation, and security vulnerability remediation. The vulnerability is caused by the fact that the adminui/user_list.php page does not sufficiently filter the \u0027LABEL_ID\u0027 parameter",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-0330"
},
{
"db": "CERT/CC",
"id": "VU#813382"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001310"
},
{
"db": "CNNVD",
"id": "CNNVD-201402-361"
},
{
"db": "BID",
"id": "65333"
},
{
"db": "BID",
"id": "65309"
},
{
"db": "VULHUB",
"id": "VHN-67823"
}
],
"trust": 3.51
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#813382",
"trust": 3.9
},
{
"db": "NVD",
"id": "CVE-2014-0330",
"trust": 3.6
},
{
"db": "BID",
"id": "65333",
"trust": 1.4
},
{
"db": "OSVDB",
"id": "102855",
"trust": 1.1
},
{
"db": "BID",
"id": "65309",
"trust": 0.9
},
{
"db": "JVN",
"id": "JVNVU95114228",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001310",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201402-082",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201402-361",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-67823",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#813382"
},
{
"db": "VULHUB",
"id": "VHN-67823"
},
{
"db": "BID",
"id": "65333"
},
{
"db": "BID",
"id": "65309"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001310"
},
{
"db": "NVD",
"id": "CVE-2014-0330"
},
{
"db": "CNNVD",
"id": "CNNVD-201402-361"
},
{
"db": "CNNVD",
"id": "CNNVD-201402-082"
}
]
},
"id": "VAR-201402-0268",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-67823"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T13:34:42.927000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Dell KACE K1000 Systems Management Appliance",
"trust": 0.8,
"url": "http://www.kace.com/jp/products/systems-management-appliance"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-001310"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 2.7
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#813382"
},
{
"db": "VULHUB",
"id": "VHN-67823"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001310"
},
{
"db": "NVD",
"id": "CVE-2014-0330"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.1,
"url": "http://www.kb.cert.org/vuls/id/813382"
},
{
"trust": 1.6,
"url": "http://www.kace.com/support/resources/kb/solutiondetail?sol=sol120154"
},
{
"trust": 1.4,
"url": "http://www.kace.com/products/systems-management-appliance"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/65333"
},
{
"trust": 1.1,
"url": "http://osvdb.org/102855"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90954"
},
{
"trust": 0.8,
"url": "http://cwe.mitre.org/data/definitions/79.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0330"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu95114228/"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-0330"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/65309"
},
{
"trust": 0.3,
"url": "http://flatnuke.netsons.org/index.php?action=viewnews\u0026news=1387985445"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#813382"
},
{
"db": "VULHUB",
"id": "VHN-67823"
},
{
"db": "BID",
"id": "65333"
},
{
"db": "BID",
"id": "65309"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001310"
},
{
"db": "NVD",
"id": "CVE-2014-0330"
},
{
"db": "CNNVD",
"id": "CNNVD-201402-361"
},
{
"db": "CNNVD",
"id": "CNNVD-201402-082"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#813382"
},
{
"db": "VULHUB",
"id": "VHN-67823"
},
{
"db": "BID",
"id": "65333"
},
{
"db": "BID",
"id": "65309"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001310"
},
{
"db": "NVD",
"id": "CVE-2014-0330"
},
{
"db": "CNNVD",
"id": "CNNVD-201402-361"
},
{
"db": "CNNVD",
"id": "CNNVD-201402-082"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-02-04T00:00:00",
"db": "CERT/CC",
"id": "VU#813382"
},
{
"date": "2014-02-06T00:00:00",
"db": "VULHUB",
"id": "VHN-67823"
},
{
"date": "2014-02-04T00:00:00",
"db": "BID",
"id": "65333"
},
{
"date": "2014-01-29T00:00:00",
"db": "BID",
"id": "65309"
},
{
"date": "2014-02-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-001310"
},
{
"date": "2014-02-06T23:55:03.993000",
"db": "NVD",
"id": "CVE-2014-0330"
},
{
"date": "2014-01-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201402-361"
},
{
"date": "2014-02-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201402-082"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-02-11T00:00:00",
"db": "CERT/CC",
"id": "VU#813382"
},
{
"date": "2018-01-03T00:00:00",
"db": "VULHUB",
"id": "VHN-67823"
},
{
"date": "2014-02-04T00:00:00",
"db": "BID",
"id": "65333"
},
{
"date": "2014-01-29T00:00:00",
"db": "BID",
"id": "65309"
},
{
"date": "2014-02-10T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-001310"
},
{
"date": "2018-01-03T02:29:02.880000",
"db": "NVD",
"id": "CVE-2014-0330"
},
{
"date": "2014-02-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201402-361"
},
{
"date": "2014-02-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201402-082"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201402-361"
},
{
"db": "CNNVD",
"id": "CNNVD-201402-082"
}
],
"trust": 1.2
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Dell KACE K1000 management appliance contains a cross-site scripting vulnerability",
"sources": [
{
"db": "CERT/CC",
"id": "VU#813382"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "XSS",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201402-361"
},
{
"db": "CNNVD",
"id": "CNNVD-201402-082"
}
],
"trust": 1.2
}
}
CVE-2007-5109 (GCVE-0-2007-5109)
Vulnerability from nvd – Published: 2007-09-26 23:00 – Updated: 2024-08-07 15:17- n/a
| URL | Tags |
|---|---|
| http://www.securityfocus.com/archive/1/480468/100… | mailing-listx_refsource_BUGTRAQ |
| http://www.securityfocus.com/bid/25817 | vdb-entryx_refsource_BID |
| http://secunia.com/advisories/26957 | third-party-advisoryx_refsource_SECUNIA |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://securityreason.com/securityalert/3176 | third-party-advisoryx_refsource_SREASON |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:17:28.270Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20070924 Arbitrary Command Inclusion",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/480468/100/0/threaded"
},
{
"name": "25817",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/25817"
},
{
"name": "26957",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26957"
},
{
"name": "flatnuke-mod-security-bypass(36763)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36763"
},
{
"name": "3176",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/3176"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-09-24T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Cross-site request forgery (CSRF) vulnerability in index.php in FlatNuke 2.6, and possibly 3, allows remote attackers to change the password and privilege level of arbitrary accounts via the user parameter and modified (1) regpass and (2) level parameters in a none_Login action, as demonstrated by using a Flash object to automatically make the request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20070924 Arbitrary Command Inclusion",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/480468/100/0/threaded"
},
{
"name": "25817",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/25817"
},
{
"name": "26957",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26957"
},
{
"name": "flatnuke-mod-security-bypass(36763)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36763"
},
{
"name": "3176",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/3176"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-5109",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site request forgery (CSRF) vulnerability in index.php in FlatNuke 2.6, and possibly 3, allows remote attackers to change the password and privilege level of arbitrary accounts via the user parameter and modified (1) regpass and (2) level parameters in a none_Login action, as demonstrated by using a Flash object to automatically make the request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20070924 Arbitrary Command Inclusion",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/480468/100/0/threaded"
},
{
"name": "25817",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25817"
},
{
"name": "26957",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26957"
},
{
"name": "flatnuke-mod-security-bypass(36763)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36763"
},
{
"name": "3176",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3176"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-5109",
"datePublished": "2007-09-26T23:00:00.000Z",
"dateReserved": "2007-09-26T00:00:00.000Z",
"dateUpdated": "2024-08-07T15:17:28.270Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-3608 (GCVE-0-2006-3608)
Vulnerability from nvd – Published: 2006-07-14 21:00 – Updated: 2024-08-07 18:39- n/a
| URL | Tags |
|---|---|
| http://secunia.com/advisories/21051 | third-party-advisoryx_refsource_SECUNIA |
| http://retrogod.altervista.org/flatnuke257_adv.html | x_refsource_MISC |
| http://www.securityfocus.com/archive/1/439975/100… | mailing-listx_refsource_BUGTRAQ |
| http://www.securityfocus.com/archive/1/442421/100… | mailing-listx_refsource_BUGTRAQ |
| http://www.securityfocus.com/bid/18966 | vdb-entryx_refsource_BID |
| http://securitytracker.com/id?1016499 | vdb-entryx_refsource_SECTRACK |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T18:39:52.576Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "21051",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/21051"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://retrogod.altervista.org/flatnuke257_adv.html"
},
{
"name": "20060713 flatnuke \u003c= 2.5.7 arbitrary php file upload",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/439975/100/0/threaded"
},
{
"name": "20060807 Re: flatnuke \u003c= 2.5.7 arbitrary php file upload",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/442421/100/0/threaded"
},
{
"name": "18966",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/18966"
},
{
"name": "1016499",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016499"
},
{
"name": "flatnuke-gallery-code-execution(27731)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27731"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-07-13T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The Gallery module in Simone Vellei Flatnuke 2.5.7 and earlier, when Gallery uploads are enabled, does not restrict the extensions of uploaded files that begin with a GIF header, which allows remote authenticated users to execute arbitrary PHP code via an uploaded .php file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-18T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "21051",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/21051"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://retrogod.altervista.org/flatnuke257_adv.html"
},
{
"name": "20060713 flatnuke \u003c= 2.5.7 arbitrary php file upload",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/439975/100/0/threaded"
},
{
"name": "20060807 Re: flatnuke \u003c= 2.5.7 arbitrary php file upload",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/442421/100/0/threaded"
},
{
"name": "18966",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/18966"
},
{
"name": "1016499",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016499"
},
{
"name": "flatnuke-gallery-code-execution(27731)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27731"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-3608",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Gallery module in Simone Vellei Flatnuke 2.5.7 and earlier, when Gallery uploads are enabled, does not restrict the extensions of uploaded files that begin with a GIF header, which allows remote authenticated users to execute arbitrary PHP code via an uploaded .php file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "21051",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21051"
},
{
"name": "http://retrogod.altervista.org/flatnuke257_adv.html",
"refsource": "MISC",
"url": "http://retrogod.altervista.org/flatnuke257_adv.html"
},
{
"name": "20060713 flatnuke \u003c= 2.5.7 arbitrary php file upload",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/439975/100/0/threaded"
},
{
"name": "20060807 Re: flatnuke \u003c= 2.5.7 arbitrary php file upload",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/442421/100/0/threaded"
},
{
"name": "18966",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/18966"
},
{
"name": "1016499",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016499"
},
{
"name": "flatnuke-gallery-code-execution(27731)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27731"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-3608",
"datePublished": "2006-07-14T21:00:00.000Z",
"dateReserved": "2006-07-14T00:00:00.000Z",
"dateUpdated": "2024-08-07T18:39:52.576Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-4449 (GCVE-0-2005-4449)
Vulnerability from nvd – Published: 2005-12-21 11:00 – Updated: 2024-08-07 23:46- n/a
| URL | Tags |
|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://cvs.sourceforge.net/viewcvs.py/flatnuke/fl… | x_refsource_MISC |
| http://www.securityfocus.com/archive/1/419107 | mailing-listx_refsource_BUGTRAQ |
| http://securitytracker.com/id?1015339 | vdb-entryx_refsource_SECTRACK |
| http://securityreason.com/securityalert/248 | third-party-advisoryx_refsource_SREASON |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T23:46:05.181Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "flatnuke-multiple-obtain-information(22159)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22159"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://cvs.sourceforge.net/viewcvs.py/flatnuke/flatnuke/Changelog?rev=1.78\u0026view=markup"
},
{
"name": "20051210 Flatnuke 2.5.6 privilege escalation / remote commands execution exploit",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/419107"
},
{
"name": "1015339",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015339"
},
{
"name": "248",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/248"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-12-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "verify.php in FlatNuke 2.5.6 allows remote authenticated administrators to modify arbitrary PHP files by setting the file parameter to an arbitrary file and injecting the code into the body parameter. NOTE: if a FlatNuke administrator is normally assumed to be able to modify arbitrary content, then this issue does not cross privilege boundaries and would not be a vulnerability."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "flatnuke-multiple-obtain-information(22159)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22159"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://cvs.sourceforge.net/viewcvs.py/flatnuke/flatnuke/Changelog?rev=1.78\u0026view=markup"
},
{
"name": "20051210 Flatnuke 2.5.6 privilege escalation / remote commands execution exploit",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/419107"
},
{
"name": "1015339",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015339"
},
{
"name": "248",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/248"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-4449",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "verify.php in FlatNuke 2.5.6 allows remote authenticated administrators to modify arbitrary PHP files by setting the file parameter to an arbitrary file and injecting the code into the body parameter. NOTE: if a FlatNuke administrator is normally assumed to be able to modify arbitrary content, then this issue does not cross privilege boundaries and would not be a vulnerability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "flatnuke-multiple-obtain-information(22159)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22159"
},
{
"name": "http://cvs.sourceforge.net/viewcvs.py/flatnuke/flatnuke/Changelog?rev=1.78\u0026view=markup",
"refsource": "MISC",
"url": "http://cvs.sourceforge.net/viewcvs.py/flatnuke/flatnuke/Changelog?rev=1.78\u0026view=markup"
},
{
"name": "20051210 Flatnuke 2.5.6 privilege escalation / remote commands execution exploit",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/419107"
},
{
"name": "1015339",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015339"
},
{
"name": "248",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/248"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-4449",
"datePublished": "2005-12-21T11:00:00.000Z",
"dateReserved": "2005-12-21T00:00:00.000Z",
"dateUpdated": "2024-08-07T23:46:05.181Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-4448 (GCVE-0-2005-4448)
Vulnerability from nvd – Published: 2005-12-21 11:00 – Updated: 2024-08-07 23:46- n/a
| URL | Tags |
|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://cvs.sourceforge.net/viewcvs.py/flatnuke/fl… | x_refsource_MISC |
| http://www.securityfocus.com/bid/15796 | vdb-entryx_refsource_BID |
| http://www.securityfocus.com/archive/1/419107 | mailing-listx_refsource_BUGTRAQ |
| http://securitytracker.com/id?1015339 | vdb-entryx_refsource_SECTRACK |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T23:46:05.503Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "flatnuke-multiple-obtain-information(22159)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22159"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://cvs.sourceforge.net/viewcvs.py/flatnuke/flatnuke/Changelog?rev=1.78\u0026view=markup"
},
{
"name": "15796",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/15796"
},
{
"name": "20051210 Flatnuke 2.5.6 privilege escalation / remote commands execution exploit",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/419107"
},
{
"name": "1015339",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015339"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-12-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "FlatNuke 2.5.6 verifies authentication credentials based on an MD5 checksum of the admin name and the hashed password rather than the plaintext password, which allows attackers to gain privileges by obtaining the password hash (possibly via CVE-2005-2813), then calculating the credentials and including them in the secid cookie."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "flatnuke-multiple-obtain-information(22159)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22159"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://cvs.sourceforge.net/viewcvs.py/flatnuke/flatnuke/Changelog?rev=1.78\u0026view=markup"
},
{
"name": "15796",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/15796"
},
{
"name": "20051210 Flatnuke 2.5.6 privilege escalation / remote commands execution exploit",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/419107"
},
{
"name": "1015339",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015339"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-4448",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "FlatNuke 2.5.6 verifies authentication credentials based on an MD5 checksum of the admin name and the hashed password rather than the plaintext password, which allows attackers to gain privileges by obtaining the password hash (possibly via CVE-2005-2813), then calculating the credentials and including them in the secid cookie."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "flatnuke-multiple-obtain-information(22159)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22159"
},
{
"name": "http://cvs.sourceforge.net/viewcvs.py/flatnuke/flatnuke/Changelog?rev=1.78\u0026view=markup",
"refsource": "MISC",
"url": "http://cvs.sourceforge.net/viewcvs.py/flatnuke/flatnuke/Changelog?rev=1.78\u0026view=markup"
},
{
"name": "15796",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/15796"
},
{
"name": "20051210 Flatnuke 2.5.6 privilege escalation / remote commands execution exploit",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/419107"
},
{
"name": "1015339",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015339"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-4448",
"datePublished": "2005-12-21T11:00:00.000Z",
"dateReserved": "2005-12-21T00:00:00.000Z",
"dateUpdated": "2024-08-07T23:46:05.503Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-4208 (GCVE-0-2005-4208)
Vulnerability from nvd – Published: 2005-12-13 11:00 – Updated: 2024-08-07 23:38- n/a
| URL | Tags |
|---|---|
| http://www.securityfocus.com/archive/1/419107/100… | mailing-listx_refsource_BUGTRAQ |
| http://www.securityfocus.com/bid/15796 | vdb-entryx_refsource_BID |
| http://securitytracker.com/id?1015339 | vdb-entryx_refsource_SECTRACK |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T23:38:51.249Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20051210 Flatnuke 2.5.6 privilege escalation / remote commands execution exploit",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/419107/100/0/threaded"
},
{
"name": "15796",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/15796"
},
{
"name": "1015339",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015339"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-12-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in Flatnuke 2.5.6 allows remote attackers to access arbitrary files via a .. (dot dot) and null byte (%00) in the id parameter of the read module."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-19T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20051210 Flatnuke 2.5.6 privilege escalation / remote commands execution exploit",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/419107/100/0/threaded"
},
{
"name": "15796",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/15796"
},
{
"name": "1015339",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015339"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-4208",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerability in Flatnuke 2.5.6 allows remote attackers to access arbitrary files via a .. (dot dot) and null byte (%00) in the id parameter of the read module."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20051210 Flatnuke 2.5.6 privilege escalation / remote commands execution exploit",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/419107/100/0/threaded"
},
{
"name": "15796",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/15796"
},
{
"name": "1015339",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015339"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-4208",
"datePublished": "2005-12-13T11:00:00.000Z",
"dateReserved": "2005-12-13T00:00:00.000Z",
"dateUpdated": "2024-08-07T23:38:51.249Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-3361 (GCVE-0-2005-3361)
Vulnerability from nvd – Published: 2005-10-29 02:22 – Updated: 2024-08-07 23:10- n/a
| URL | Tags |
|---|---|
| http://marc.info/?l=bugtraq&m=113019486931157&w=2 | mailing-listx_refsource_BUGTRAQ |
| http://www.vupen.com/english/advisories/2005/2178 | vdb-entryx_refsource_VUPEN |
| http://www.osvdb.org/20246 | vdb-entryx_refsource_OSVDB |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T23:10:08.331Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20051024 Flat Nuke Cross Site Scripting",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=113019486931157\u0026w=2"
},
{
"name": "ADV-2005-2178",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2005/2178"
},
{
"name": "20246",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/20246"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-10-24T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in forum/index.php in FlatNuke 2.5.6 allows remote attackers to inject arbitrary web script or HTML via the nome parameter in a login operation, a variant of CVE-2005-3306."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-10-17T13:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20051024 Flat Nuke Cross Site Scripting",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=113019486931157\u0026w=2"
},
{
"name": "ADV-2005-2178",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2005/2178"
},
{
"name": "20246",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/20246"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-3361",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in forum/index.php in FlatNuke 2.5.6 allows remote attackers to inject arbitrary web script or HTML via the nome parameter in a login operation, a variant of CVE-2005-3306."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20051024 Flat Nuke Cross Site Scripting",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=113019486931157\u0026w=2"
},
{
"name": "ADV-2005-2178",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2005/2178"
},
{
"name": "20246",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/20246"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-3361",
"datePublished": "2005-10-29T02:22:00.000Z",
"dateReserved": "2005-10-27T00:00:00.000Z",
"dateUpdated": "2024-08-07T23:10:08.331Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-3306 (GCVE-0-2005-3306)
Vulnerability from nvd – Published: 2005-10-25 04:00 – Updated: 2024-08-07 23:10- n/a
| URL | Tags |
|---|---|
| http://marc.info/?l=bugtraq&m=113018940229407&w=2 | mailing-listx_refsource_BUGTRAQ |
| http://www.osvdb.org/20246 | vdb-entryx_refsource_OSVDB |
| http://secunia.com/advisories/17291/ | third-party-advisoryx_refsource_SECUNIA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T23:10:07.569Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20051022 File Including In FLAT NUKE",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=113018940229407\u0026w=2"
},
{
"name": "20246",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/20246"
},
{
"name": "17291",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/17291/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-10-22T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in index.php for FlatNuke 2.5.6 allows remote attackers to inject arbitrary web script or HTML via the user parameter in a profile operation, a different vulnerability than CVE-2005-2814. NOTE: it is possible that this XSS is a resultant vulnerability of CVE-2005-3307."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-10-17T13:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20051022 File Including In FLAT NUKE",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=113018940229407\u0026w=2"
},
{
"name": "20246",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/20246"
},
{
"name": "17291",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/17291/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-3306",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in index.php for FlatNuke 2.5.6 allows remote attackers to inject arbitrary web script or HTML via the user parameter in a profile operation, a different vulnerability than CVE-2005-2814. NOTE: it is possible that this XSS is a resultant vulnerability of CVE-2005-3307."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20051022 File Including In FLAT NUKE",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=113018940229407\u0026w=2"
},
{
"name": "20246",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/20246"
},
{
"name": "17291",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17291/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-3306",
"datePublished": "2005-10-25T04:00:00.000Z",
"dateReserved": "2005-10-26T00:00:00.000Z",
"dateUpdated": "2024-08-07T23:10:07.569Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-2815 (GCVE-0-2005-2815)
Vulnerability from nvd – Published: 2005-09-07 04:00 – Updated: 2024-08-07 22:45- n/a
| URL | Tags |
|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://securitytracker.com/id?1014824 | vdb-entryx_refsource_SECTRACK |
| http://seclists.org/lists/bugtraq/2005/Aug/0440.html | mailing-listx_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T22:45:02.279Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "flatnuke-msdos-news-path-disclosure(22153)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22153"
},
{
"name": "1014824",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1014824"
},
{
"name": "20050830 Flatnuke 2.5.6 (possibly prior versions) Underlying system information disclosure / Administrative \u0026 users credentials disclosure",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://seclists.org/lists/bugtraq/2005/Aug/0440.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-08-30T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "print.php in FlatNuke 2.5.6 allows remote attackers to obtain sensitive information (path disclosure on error) or cause a denial of service (resource consumption) via an MS-DOS device name in the news parameter to print.php, such as (1) AUX, (2) CON, (3) PRN, (4) COM1, or (5) LPT1."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "flatnuke-msdos-news-path-disclosure(22153)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22153"
},
{
"name": "1014824",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1014824"
},
{
"name": "20050830 Flatnuke 2.5.6 (possibly prior versions) Underlying system information disclosure / Administrative \u0026 users credentials disclosure",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://seclists.org/lists/bugtraq/2005/Aug/0440.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-2815",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "print.php in FlatNuke 2.5.6 allows remote attackers to obtain sensitive information (path disclosure on error) or cause a denial of service (resource consumption) via an MS-DOS device name in the news parameter to print.php, such as (1) AUX, (2) CON, (3) PRN, (4) COM1, or (5) LPT1."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "flatnuke-msdos-news-path-disclosure(22153)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22153"
},
{
"name": "1014824",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1014824"
},
{
"name": "20050830 Flatnuke 2.5.6 (possibly prior versions) Underlying system information disclosure / Administrative \u0026 users credentials disclosure",
"refsource": "BUGTRAQ",
"url": "http://seclists.org/lists/bugtraq/2005/Aug/0440.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-2815",
"datePublished": "2005-09-07T04:00:00.000Z",
"dateReserved": "2005-09-07T00:00:00.000Z",
"dateUpdated": "2024-08-07T22:45:02.279Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-2814 (GCVE-0-2005-2814)
Vulnerability from nvd – Published: 2005-09-07 04:00 – Updated: 2024-08-07 22:45- n/a
| URL | Tags |
|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://securitytracker.com/id?1014824 | vdb-entryx_refsource_SECTRACK |
| http://seclists.org/lists/bugtraq/2005/Aug/0440.html | mailing-listx_refsource_BUGTRAQ |
| http://www.securityfocus.com/bid/14704 | vdb-entryx_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T22:45:02.234Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "flatnuke-indexphp-xss(22101)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22101"
},
{
"name": "1014824",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1014824"
},
{
"name": "20050830 Flatnuke 2.5.6 (possibly prior versions) Underlying system information disclosure / Administrative \u0026 users credentials disclosure",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://seclists.org/lists/bugtraq/2005/Aug/0440.html"
},
{
"name": "14704",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/14704"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-08-30T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in FlatNuke 2.5.6 allows remote attackers to inject arbitrary web script or HTML via the usr parameter in a vis_reg operation to index.php."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "flatnuke-indexphp-xss(22101)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22101"
},
{
"name": "1014824",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1014824"
},
{
"name": "20050830 Flatnuke 2.5.6 (possibly prior versions) Underlying system information disclosure / Administrative \u0026 users credentials disclosure",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://seclists.org/lists/bugtraq/2005/Aug/0440.html"
},
{
"name": "14704",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/14704"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-2814",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in FlatNuke 2.5.6 allows remote attackers to inject arbitrary web script or HTML via the usr parameter in a vis_reg operation to index.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "flatnuke-indexphp-xss(22101)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22101"
},
{
"name": "1014824",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1014824"
},
{
"name": "20050830 Flatnuke 2.5.6 (possibly prior versions) Underlying system information disclosure / Administrative \u0026 users credentials disclosure",
"refsource": "BUGTRAQ",
"url": "http://seclists.org/lists/bugtraq/2005/Aug/0440.html"
},
{
"name": "14704",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/14704"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-2814",
"datePublished": "2005-09-07T04:00:00.000Z",
"dateReserved": "2005-09-07T00:00:00.000Z",
"dateUpdated": "2024-08-07T22:45:02.234Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-2813 (GCVE-0-2005-2813)
Vulnerability from nvd – Published: 2005-09-07 04:00 – Updated: 2024-08-07 22:45- n/a
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/14702 | vdb-entryx_refsource_BID |
| http://secunia.com/advisories/16650/ | third-party-advisoryx_refsource_SECUNIA |
| http://securitytracker.com/id?1014824 | vdb-entryx_refsource_SECTRACK |
| http://www.securityfocus.com/archive/1/419107/100… | mailing-listx_refsource_BUGTRAQ |
| http://www.securityfocus.com/bid/15796 | vdb-entryx_refsource_BID |
| http://securitytracker.com/id?1015339 | vdb-entryx_refsource_SECTRACK |
| http://seclists.org/lists/bugtraq/2005/Aug/0440.html | mailing-listx_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T22:45:02.307Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "14702",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/14702"
},
{
"name": "16650",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/16650/"
},
{
"name": "1014824",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1014824"
},
{
"name": "20051210 Flatnuke 2.5.6 privilege escalation / remote commands execution exploit",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/419107/100/0/threaded"
},
{
"name": "15796",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/15796"
},
{
"name": "1015339",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015339"
},
{
"name": "20050830 Flatnuke 2.5.6 (possibly prior versions) Underlying system information disclosure / Administrative \u0026 users credentials disclosure",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://seclists.org/lists/bugtraq/2005/Aug/0440.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-08-30T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in FlatNuke 2.5.6 and possibly earlier allows remote attackers to read arbitrary files via \"..\" sequences and \"%00\" (trailing null byte) characters in the id parameter to the read mod in index.php."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-19T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "14702",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/14702"
},
{
"name": "16650",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/16650/"
},
{
"name": "1014824",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1014824"
},
{
"name": "20051210 Flatnuke 2.5.6 privilege escalation / remote commands execution exploit",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/419107/100/0/threaded"
},
{
"name": "15796",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/15796"
},
{
"name": "1015339",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015339"
},
{
"name": "20050830 Flatnuke 2.5.6 (possibly prior versions) Underlying system information disclosure / Administrative \u0026 users credentials disclosure",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://seclists.org/lists/bugtraq/2005/Aug/0440.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-2813",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerability in FlatNuke 2.5.6 and possibly earlier allows remote attackers to read arbitrary files via \"..\" sequences and \"%00\" (trailing null byte) characters in the id parameter to the read mod in index.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "14702",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/14702"
},
{
"name": "16650",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/16650/"
},
{
"name": "1014824",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1014824"
},
{
"name": "20051210 Flatnuke 2.5.6 privilege escalation / remote commands execution exploit",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/419107/100/0/threaded"
},
{
"name": "15796",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/15796"
},
{
"name": "1015339",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015339"
},
{
"name": "20050830 Flatnuke 2.5.6 (possibly prior versions) Underlying system information disclosure / Administrative \u0026 users credentials disclosure",
"refsource": "BUGTRAQ",
"url": "http://seclists.org/lists/bugtraq/2005/Aug/0440.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-2813",
"datePublished": "2005-09-07T04:00:00.000Z",
"dateReserved": "2005-09-07T00:00:00.000Z",
"dateUpdated": "2024-08-07T22:45:02.307Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-2539 (GCVE-0-2005-2539)
Vulnerability from nvd – Published: 2005-08-10 04:00 – Updated: 2024-08-07 22:30- n/a
| URL | Tags |
|---|---|
| http://www.osvdb.org/18552 | vdb-entryx_refsource_OSVDB |
| http://marc.info/?l=bugtraq&m=112327238030127&w=2 | mailing-listx_refsource_BUGTRAQ |
| http://www.rgod.altervista.org/flatnuke.html | x_refsource_MISC |
| http://secunia.com/advisories/16330 | third-party-advisoryx_refsource_SECUNIA |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.securityfocus.com/bid/14483 | vdb-entryx_refsource_BID |
| http://www.osvdb.org/18553 | vdb-entryx_refsource_OSVDB |
| http://www.osvdb.org/18551 | vdb-entryx_refsource_OSVDB |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T22:30:01.712Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "18552",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/18552"
},
{
"name": "20050804 FlatNuke 2.5.5 (possibly prior versions) remote commands",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=112327238030127\u0026w=2"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.rgod.altervista.org/flatnuke.html"
},
{
"name": "16330",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/16330"
},
{
"name": "flatnuke-structure-xss(21707)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21707"
},
{
"name": "flatnuke-news-articles-xss(21708)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21708"
},
{
"name": "14483",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/14483"
},
{
"name": "18553",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/18553"
},
{
"name": "18551",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/18551"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-08-04T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in FlatNuke 2.5.5 and possibly earlier versions allow remote attackers to inject arbitrary web script or HTML via the (1) bodycolor, (2) backimage, (3) theme, or (4) logo parameter to structure.php, (5) admin, (6) admin_mail, or (7) back parameter to footer.php, or (8) the message body in a news post."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "18552",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/18552"
},
{
"name": "20050804 FlatNuke 2.5.5 (possibly prior versions) remote commands",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=112327238030127\u0026w=2"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.rgod.altervista.org/flatnuke.html"
},
{
"name": "16330",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/16330"
},
{
"name": "flatnuke-structure-xss(21707)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21707"
},
{
"name": "flatnuke-news-articles-xss(21708)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21708"
},
{
"name": "14483",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/14483"
},
{
"name": "18553",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/18553"
},
{
"name": "18551",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/18551"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-2539",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in FlatNuke 2.5.5 and possibly earlier versions allow remote attackers to inject arbitrary web script or HTML via the (1) bodycolor, (2) backimage, (3) theme, or (4) logo parameter to structure.php, (5) admin, (6) admin_mail, or (7) back parameter to footer.php, or (8) the message body in a news post."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "18552",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/18552"
},
{
"name": "20050804 FlatNuke 2.5.5 (possibly prior versions) remote commands",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=112327238030127\u0026w=2"
},
{
"name": "http://www.rgod.altervista.org/flatnuke.html",
"refsource": "MISC",
"url": "http://www.rgod.altervista.org/flatnuke.html"
},
{
"name": "16330",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/16330"
},
{
"name": "flatnuke-structure-xss(21707)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21707"
},
{
"name": "flatnuke-news-articles-xss(21708)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21708"
},
{
"name": "14483",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/14483"
},
{
"name": "18553",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/18553"
},
{
"name": "18551",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/18551"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-2539",
"datePublished": "2005-08-10T04:00:00.000Z",
"dateReserved": "2005-08-10T00:00:00.000Z",
"dateUpdated": "2024-08-07T22:30:01.712Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-2540 (GCVE-0-2005-2540)
Vulnerability from nvd – Published: 2005-08-10 04:00 – Updated: 2024-08-07 22:30- n/a
| URL | Tags |
|---|---|
| http://marc.info/?l=bugtraq&m=112327238030127&w=2 | mailing-listx_refsource_BUGTRAQ |
| http://www.rgod.altervista.org/flatnuke.html | x_refsource_MISC |
| http://secunia.com/advisories/16330 | third-party-advisoryx_refsource_SECUNIA |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.osvdb.org/18554 | vdb-entryx_refsource_OSVDB |
| http://www.securityfocus.com/bid/14485 | vdb-entryx_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T22:30:01.732Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20050804 FlatNuke 2.5.5 (possibly prior versions) remote commands",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=112327238030127\u0026w=2"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.rgod.altervista.org/flatnuke.html"
},
{
"name": "16330",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/16330"
},
{
"name": "flatNuke-firma-execute-commands(21709)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21709"
},
{
"name": "18554",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/18554"
},
{
"name": "14485",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/14485"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-08-04T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "CRLF injection vulnerability in FlatNuke 2.5.5 and possibly earlier versions allows remote attackers to execute arbitrary PHP commands via an ASCII char 13 (carriage return) in the signature field, which is injected into a PHP script without a preceding comment character, which can then be executed by a direct request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20050804 FlatNuke 2.5.5 (possibly prior versions) remote commands",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=112327238030127\u0026w=2"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.rgod.altervista.org/flatnuke.html"
},
{
"name": "16330",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/16330"
},
{
"name": "flatNuke-firma-execute-commands(21709)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21709"
},
{
"name": "18554",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/18554"
},
{
"name": "14485",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/14485"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-2540",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CRLF injection vulnerability in FlatNuke 2.5.5 and possibly earlier versions allows remote attackers to execute arbitrary PHP commands via an ASCII char 13 (carriage return) in the signature field, which is injected into a PHP script without a preceding comment character, which can then be executed by a direct request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20050804 FlatNuke 2.5.5 (possibly prior versions) remote commands",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=112327238030127\u0026w=2"
},
{
"name": "http://www.rgod.altervista.org/flatnuke.html",
"refsource": "MISC",
"url": "http://www.rgod.altervista.org/flatnuke.html"
},
{
"name": "16330",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/16330"
},
{
"name": "flatNuke-firma-execute-commands(21709)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21709"
},
{
"name": "18554",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/18554"
},
{
"name": "14485",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/14485"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-2540",
"datePublished": "2005-08-10T04:00:00.000Z",
"dateReserved": "2005-08-10T00:00:00.000Z",
"dateUpdated": "2024-08-07T22:30:01.732Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-2538 (GCVE-0-2005-2538)
Vulnerability from nvd – Published: 2005-08-10 04:00 – Updated: 2024-08-07 22:30- n/a
| URL | Tags |
|---|---|
| http://marc.info/?l=bugtraq&m=112327238030127&w=2 | mailing-listx_refsource_BUGTRAQ |
| http://www.rgod.altervista.org/flatnuke.html | x_refsource_MISC |
| http://secunia.com/advisories/16330 | third-party-advisoryx_refsource_SECUNIA |
| http://www.osvdb.org/18550 | vdb-entryx_refsource_OSVDB |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T22:30:01.134Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20050804 FlatNuke 2.5.5 (possibly prior versions) remote commands",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=112327238030127\u0026w=2"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.rgod.altervista.org/flatnuke.html"
},
{
"name": "16330",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/16330"
},
{
"name": "18550",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/18550"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-08-04T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "FlatNuke 2.5.5 and possibly earlier versions allows remote attackers to obtain sensitive information via (1) a null byte or (2) an MS-DOS device name such as AUX, CON, PRN, COM1, or LPT1 in the mod parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-10-17T13:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20050804 FlatNuke 2.5.5 (possibly prior versions) remote commands",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=112327238030127\u0026w=2"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.rgod.altervista.org/flatnuke.html"
},
{
"name": "16330",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/16330"
},
{
"name": "18550",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/18550"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-2538",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "FlatNuke 2.5.5 and possibly earlier versions allows remote attackers to obtain sensitive information via (1) a null byte or (2) an MS-DOS device name such as AUX, CON, PRN, COM1, or LPT1 in the mod parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20050804 FlatNuke 2.5.5 (possibly prior versions) remote commands",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=112327238030127\u0026w=2"
},
{
"name": "http://www.rgod.altervista.org/flatnuke.html",
"refsource": "MISC",
"url": "http://www.rgod.altervista.org/flatnuke.html"
},
{
"name": "16330",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/16330"
},
{
"name": "18550",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/18550"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-2538",
"datePublished": "2005-08-10T04:00:00.000Z",
"dateReserved": "2005-08-10T00:00:00.000Z",
"dateUpdated": "2024-08-07T22:30:01.134Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-2537 (GCVE-0-2005-2537)
Vulnerability from nvd – Published: 2005-08-10 04:00 – Updated: 2024-08-07 22:30- n/a
| URL | Tags |
|---|---|
| http://marc.info/?l=bugtraq&m=112327238030127&w=2 | mailing-listx_refsource_BUGTRAQ |
| http://www.rgod.altervista.org/flatnuke.html | x_refsource_MISC |
| http://secunia.com/advisories/16330 | third-party-advisoryx_refsource_SECUNIA |
| http://www.osvdb.org/18549 | vdb-entryx_refsource_OSVDB |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T22:30:01.075Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20050804 FlatNuke 2.5.5 (possibly prior versions) remote commands",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=112327238030127\u0026w=2"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.rgod.altervista.org/flatnuke.html"
},
{
"name": "16330",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/16330"
},
{
"name": "18549",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/18549"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-08-04T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "FlatNuke 2.5.5 and possibly earlier versions allows remote attackers to obtain sensitive information via a direct request to structure.php."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-10-17T13:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20050804 FlatNuke 2.5.5 (possibly prior versions) remote commands",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=112327238030127\u0026w=2"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.rgod.altervista.org/flatnuke.html"
},
{
"name": "16330",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/16330"
},
{
"name": "18549",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/18549"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-2537",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "FlatNuke 2.5.5 and possibly earlier versions allows remote attackers to obtain sensitive information via a direct request to structure.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20050804 FlatNuke 2.5.5 (possibly prior versions) remote commands",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=112327238030127\u0026w=2"
},
{
"name": "http://www.rgod.altervista.org/flatnuke.html",
"refsource": "MISC",
"url": "http://www.rgod.altervista.org/flatnuke.html"
},
{
"name": "16330",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/16330"
},
{
"name": "18549",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/18549"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-2537",
"datePublished": "2005-08-10T04:00:00.000Z",
"dateReserved": "2005-08-10T00:00:00.000Z",
"dateUpdated": "2024-08-07T22:30:01.075Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-1892 (GCVE-0-2005-1892)
Vulnerability from nvd – Published: 2005-06-08 04:00 – Updated: 2024-08-07 22:06- n/a
| URL | Tags |
|---|---|
| http://securitytracker.com/id?1014114 | vdb-entryx_refsource_SECTRACK |
| http://secunia.com/advisories/15603 | third-party-advisoryx_refsource_SECUNIA |
| http://secwatch.org/advisories/secwatch/20050604_… | x_refsource_MISC |
| http://www.vupen.com/english/advisories/2005/0697 | vdb-entryx_refsource_VUPEN |
| http://flatnuke.sourceforge.net/index.php?mod=rea… | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T22:06:57.714Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1014114",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1014114"
},
{
"name": "15603",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/15603"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://secwatch.org/advisories/secwatch/20050604_flatnuke.txt"
},
{
"name": "ADV-2005-0697",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2005/0697"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://flatnuke.sourceforge.net/index.php?mod=read\u0026id=1117979256"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-06-06T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "FlatNuke 2.5.3 allows remote attackers to cause a denial of service or obtain sensitive information via (1) a direct request to foot_news.php, which triggers an infinite loop, or (2) direct requests to unknown scripts, which reveals the web document root in an error message."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2009-02-26T10:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1014114",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1014114"
},
{
"name": "15603",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/15603"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://secwatch.org/advisories/secwatch/20050604_flatnuke.txt"
},
{
"name": "ADV-2005-0697",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2005/0697"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://flatnuke.sourceforge.net/index.php?mod=read\u0026id=1117979256"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-1892",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "FlatNuke 2.5.3 allows remote attackers to cause a denial of service or obtain sensitive information via (1) a direct request to foot_news.php, which triggers an infinite loop, or (2) direct requests to unknown scripts, which reveals the web document root in an error message."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1014114",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1014114"
},
{
"name": "15603",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/15603"
},
{
"name": "http://secwatch.org/advisories/secwatch/20050604_flatnuke.txt",
"refsource": "MISC",
"url": "http://secwatch.org/advisories/secwatch/20050604_flatnuke.txt"
},
{
"name": "ADV-2005-0697",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2005/0697"
},
{
"name": "http://flatnuke.sourceforge.net/index.php?mod=read\u0026id=1117979256",
"refsource": "CONFIRM",
"url": "http://flatnuke.sourceforge.net/index.php?mod=read\u0026id=1117979256"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-1892",
"datePublished": "2005-06-08T04:00:00.000Z",
"dateReserved": "2005-06-08T00:00:00.000Z",
"dateUpdated": "2024-08-07T22:06:57.714Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-5109 (GCVE-0-2007-5109)
Vulnerability from cvelistv5 – Published: 2007-09-26 23:00 – Updated: 2024-08-07 15:17- n/a
| URL | Tags |
|---|---|
| http://www.securityfocus.com/archive/1/480468/100… | mailing-listx_refsource_BUGTRAQ |
| http://www.securityfocus.com/bid/25817 | vdb-entryx_refsource_BID |
| http://secunia.com/advisories/26957 | third-party-advisoryx_refsource_SECUNIA |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://securityreason.com/securityalert/3176 | third-party-advisoryx_refsource_SREASON |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:17:28.270Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20070924 Arbitrary Command Inclusion",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/480468/100/0/threaded"
},
{
"name": "25817",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/25817"
},
{
"name": "26957",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26957"
},
{
"name": "flatnuke-mod-security-bypass(36763)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36763"
},
{
"name": "3176",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/3176"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-09-24T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Cross-site request forgery (CSRF) vulnerability in index.php in FlatNuke 2.6, and possibly 3, allows remote attackers to change the password and privilege level of arbitrary accounts via the user parameter and modified (1) regpass and (2) level parameters in a none_Login action, as demonstrated by using a Flash object to automatically make the request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20070924 Arbitrary Command Inclusion",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/480468/100/0/threaded"
},
{
"name": "25817",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/25817"
},
{
"name": "26957",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26957"
},
{
"name": "flatnuke-mod-security-bypass(36763)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36763"
},
{
"name": "3176",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/3176"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-5109",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site request forgery (CSRF) vulnerability in index.php in FlatNuke 2.6, and possibly 3, allows remote attackers to change the password and privilege level of arbitrary accounts via the user parameter and modified (1) regpass and (2) level parameters in a none_Login action, as demonstrated by using a Flash object to automatically make the request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20070924 Arbitrary Command Inclusion",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/480468/100/0/threaded"
},
{
"name": "25817",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25817"
},
{
"name": "26957",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26957"
},
{
"name": "flatnuke-mod-security-bypass(36763)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36763"
},
{
"name": "3176",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3176"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-5109",
"datePublished": "2007-09-26T23:00:00.000Z",
"dateReserved": "2007-09-26T00:00:00.000Z",
"dateUpdated": "2024-08-07T15:17:28.270Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-3608 (GCVE-0-2006-3608)
Vulnerability from cvelistv5 – Published: 2006-07-14 21:00 – Updated: 2024-08-07 18:39- n/a
| URL | Tags |
|---|---|
| http://secunia.com/advisories/21051 | third-party-advisoryx_refsource_SECUNIA |
| http://retrogod.altervista.org/flatnuke257_adv.html | x_refsource_MISC |
| http://www.securityfocus.com/archive/1/439975/100… | mailing-listx_refsource_BUGTRAQ |
| http://www.securityfocus.com/archive/1/442421/100… | mailing-listx_refsource_BUGTRAQ |
| http://www.securityfocus.com/bid/18966 | vdb-entryx_refsource_BID |
| http://securitytracker.com/id?1016499 | vdb-entryx_refsource_SECTRACK |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T18:39:52.576Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "21051",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/21051"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://retrogod.altervista.org/flatnuke257_adv.html"
},
{
"name": "20060713 flatnuke \u003c= 2.5.7 arbitrary php file upload",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/439975/100/0/threaded"
},
{
"name": "20060807 Re: flatnuke \u003c= 2.5.7 arbitrary php file upload",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/442421/100/0/threaded"
},
{
"name": "18966",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/18966"
},
{
"name": "1016499",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016499"
},
{
"name": "flatnuke-gallery-code-execution(27731)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27731"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-07-13T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The Gallery module in Simone Vellei Flatnuke 2.5.7 and earlier, when Gallery uploads are enabled, does not restrict the extensions of uploaded files that begin with a GIF header, which allows remote authenticated users to execute arbitrary PHP code via an uploaded .php file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-18T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "21051",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/21051"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://retrogod.altervista.org/flatnuke257_adv.html"
},
{
"name": "20060713 flatnuke \u003c= 2.5.7 arbitrary php file upload",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/439975/100/0/threaded"
},
{
"name": "20060807 Re: flatnuke \u003c= 2.5.7 arbitrary php file upload",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/442421/100/0/threaded"
},
{
"name": "18966",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/18966"
},
{
"name": "1016499",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016499"
},
{
"name": "flatnuke-gallery-code-execution(27731)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27731"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-3608",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Gallery module in Simone Vellei Flatnuke 2.5.7 and earlier, when Gallery uploads are enabled, does not restrict the extensions of uploaded files that begin with a GIF header, which allows remote authenticated users to execute arbitrary PHP code via an uploaded .php file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "21051",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21051"
},
{
"name": "http://retrogod.altervista.org/flatnuke257_adv.html",
"refsource": "MISC",
"url": "http://retrogod.altervista.org/flatnuke257_adv.html"
},
{
"name": "20060713 flatnuke \u003c= 2.5.7 arbitrary php file upload",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/439975/100/0/threaded"
},
{
"name": "20060807 Re: flatnuke \u003c= 2.5.7 arbitrary php file upload",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/442421/100/0/threaded"
},
{
"name": "18966",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/18966"
},
{
"name": "1016499",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016499"
},
{
"name": "flatnuke-gallery-code-execution(27731)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27731"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-3608",
"datePublished": "2006-07-14T21:00:00.000Z",
"dateReserved": "2006-07-14T00:00:00.000Z",
"dateUpdated": "2024-08-07T18:39:52.576Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-4449 (GCVE-0-2005-4449)
Vulnerability from cvelistv5 – Published: 2005-12-21 11:00 – Updated: 2024-08-07 23:46- n/a
| URL | Tags |
|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://cvs.sourceforge.net/viewcvs.py/flatnuke/fl… | x_refsource_MISC |
| http://www.securityfocus.com/archive/1/419107 | mailing-listx_refsource_BUGTRAQ |
| http://securitytracker.com/id?1015339 | vdb-entryx_refsource_SECTRACK |
| http://securityreason.com/securityalert/248 | third-party-advisoryx_refsource_SREASON |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T23:46:05.181Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "flatnuke-multiple-obtain-information(22159)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22159"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://cvs.sourceforge.net/viewcvs.py/flatnuke/flatnuke/Changelog?rev=1.78\u0026view=markup"
},
{
"name": "20051210 Flatnuke 2.5.6 privilege escalation / remote commands execution exploit",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/419107"
},
{
"name": "1015339",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015339"
},
{
"name": "248",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/248"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-12-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "verify.php in FlatNuke 2.5.6 allows remote authenticated administrators to modify arbitrary PHP files by setting the file parameter to an arbitrary file and injecting the code into the body parameter. NOTE: if a FlatNuke administrator is normally assumed to be able to modify arbitrary content, then this issue does not cross privilege boundaries and would not be a vulnerability."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "flatnuke-multiple-obtain-information(22159)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22159"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://cvs.sourceforge.net/viewcvs.py/flatnuke/flatnuke/Changelog?rev=1.78\u0026view=markup"
},
{
"name": "20051210 Flatnuke 2.5.6 privilege escalation / remote commands execution exploit",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/419107"
},
{
"name": "1015339",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015339"
},
{
"name": "248",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/248"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-4449",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "verify.php in FlatNuke 2.5.6 allows remote authenticated administrators to modify arbitrary PHP files by setting the file parameter to an arbitrary file and injecting the code into the body parameter. NOTE: if a FlatNuke administrator is normally assumed to be able to modify arbitrary content, then this issue does not cross privilege boundaries and would not be a vulnerability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "flatnuke-multiple-obtain-information(22159)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22159"
},
{
"name": "http://cvs.sourceforge.net/viewcvs.py/flatnuke/flatnuke/Changelog?rev=1.78\u0026view=markup",
"refsource": "MISC",
"url": "http://cvs.sourceforge.net/viewcvs.py/flatnuke/flatnuke/Changelog?rev=1.78\u0026view=markup"
},
{
"name": "20051210 Flatnuke 2.5.6 privilege escalation / remote commands execution exploit",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/419107"
},
{
"name": "1015339",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015339"
},
{
"name": "248",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/248"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-4449",
"datePublished": "2005-12-21T11:00:00.000Z",
"dateReserved": "2005-12-21T00:00:00.000Z",
"dateUpdated": "2024-08-07T23:46:05.181Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-4448 (GCVE-0-2005-4448)
Vulnerability from cvelistv5 – Published: 2005-12-21 11:00 – Updated: 2024-08-07 23:46- n/a
| URL | Tags |
|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://cvs.sourceforge.net/viewcvs.py/flatnuke/fl… | x_refsource_MISC |
| http://www.securityfocus.com/bid/15796 | vdb-entryx_refsource_BID |
| http://www.securityfocus.com/archive/1/419107 | mailing-listx_refsource_BUGTRAQ |
| http://securitytracker.com/id?1015339 | vdb-entryx_refsource_SECTRACK |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T23:46:05.503Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "flatnuke-multiple-obtain-information(22159)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22159"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://cvs.sourceforge.net/viewcvs.py/flatnuke/flatnuke/Changelog?rev=1.78\u0026view=markup"
},
{
"name": "15796",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/15796"
},
{
"name": "20051210 Flatnuke 2.5.6 privilege escalation / remote commands execution exploit",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/419107"
},
{
"name": "1015339",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015339"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-12-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "FlatNuke 2.5.6 verifies authentication credentials based on an MD5 checksum of the admin name and the hashed password rather than the plaintext password, which allows attackers to gain privileges by obtaining the password hash (possibly via CVE-2005-2813), then calculating the credentials and including them in the secid cookie."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "flatnuke-multiple-obtain-information(22159)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22159"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://cvs.sourceforge.net/viewcvs.py/flatnuke/flatnuke/Changelog?rev=1.78\u0026view=markup"
},
{
"name": "15796",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/15796"
},
{
"name": "20051210 Flatnuke 2.5.6 privilege escalation / remote commands execution exploit",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/419107"
},
{
"name": "1015339",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015339"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-4448",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "FlatNuke 2.5.6 verifies authentication credentials based on an MD5 checksum of the admin name and the hashed password rather than the plaintext password, which allows attackers to gain privileges by obtaining the password hash (possibly via CVE-2005-2813), then calculating the credentials and including them in the secid cookie."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "flatnuke-multiple-obtain-information(22159)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22159"
},
{
"name": "http://cvs.sourceforge.net/viewcvs.py/flatnuke/flatnuke/Changelog?rev=1.78\u0026view=markup",
"refsource": "MISC",
"url": "http://cvs.sourceforge.net/viewcvs.py/flatnuke/flatnuke/Changelog?rev=1.78\u0026view=markup"
},
{
"name": "15796",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/15796"
},
{
"name": "20051210 Flatnuke 2.5.6 privilege escalation / remote commands execution exploit",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/419107"
},
{
"name": "1015339",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015339"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-4448",
"datePublished": "2005-12-21T11:00:00.000Z",
"dateReserved": "2005-12-21T00:00:00.000Z",
"dateUpdated": "2024-08-07T23:46:05.503Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-4208 (GCVE-0-2005-4208)
Vulnerability from cvelistv5 – Published: 2005-12-13 11:00 – Updated: 2024-08-07 23:38- n/a
| URL | Tags |
|---|---|
| http://www.securityfocus.com/archive/1/419107/100… | mailing-listx_refsource_BUGTRAQ |
| http://www.securityfocus.com/bid/15796 | vdb-entryx_refsource_BID |
| http://securitytracker.com/id?1015339 | vdb-entryx_refsource_SECTRACK |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T23:38:51.249Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20051210 Flatnuke 2.5.6 privilege escalation / remote commands execution exploit",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/419107/100/0/threaded"
},
{
"name": "15796",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/15796"
},
{
"name": "1015339",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015339"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-12-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in Flatnuke 2.5.6 allows remote attackers to access arbitrary files via a .. (dot dot) and null byte (%00) in the id parameter of the read module."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-19T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20051210 Flatnuke 2.5.6 privilege escalation / remote commands execution exploit",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/419107/100/0/threaded"
},
{
"name": "15796",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/15796"
},
{
"name": "1015339",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015339"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-4208",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerability in Flatnuke 2.5.6 allows remote attackers to access arbitrary files via a .. (dot dot) and null byte (%00) in the id parameter of the read module."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20051210 Flatnuke 2.5.6 privilege escalation / remote commands execution exploit",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/419107/100/0/threaded"
},
{
"name": "15796",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/15796"
},
{
"name": "1015339",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015339"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-4208",
"datePublished": "2005-12-13T11:00:00.000Z",
"dateReserved": "2005-12-13T00:00:00.000Z",
"dateUpdated": "2024-08-07T23:38:51.249Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-3361 (GCVE-0-2005-3361)
Vulnerability from cvelistv5 – Published: 2005-10-29 02:22 – Updated: 2024-08-07 23:10- n/a
| URL | Tags |
|---|---|
| http://marc.info/?l=bugtraq&m=113019486931157&w=2 | mailing-listx_refsource_BUGTRAQ |
| http://www.vupen.com/english/advisories/2005/2178 | vdb-entryx_refsource_VUPEN |
| http://www.osvdb.org/20246 | vdb-entryx_refsource_OSVDB |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T23:10:08.331Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20051024 Flat Nuke Cross Site Scripting",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=113019486931157\u0026w=2"
},
{
"name": "ADV-2005-2178",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2005/2178"
},
{
"name": "20246",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/20246"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-10-24T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in forum/index.php in FlatNuke 2.5.6 allows remote attackers to inject arbitrary web script or HTML via the nome parameter in a login operation, a variant of CVE-2005-3306."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-10-17T13:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20051024 Flat Nuke Cross Site Scripting",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=113019486931157\u0026w=2"
},
{
"name": "ADV-2005-2178",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2005/2178"
},
{
"name": "20246",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/20246"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-3361",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in forum/index.php in FlatNuke 2.5.6 allows remote attackers to inject arbitrary web script or HTML via the nome parameter in a login operation, a variant of CVE-2005-3306."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20051024 Flat Nuke Cross Site Scripting",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=113019486931157\u0026w=2"
},
{
"name": "ADV-2005-2178",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2005/2178"
},
{
"name": "20246",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/20246"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-3361",
"datePublished": "2005-10-29T02:22:00.000Z",
"dateReserved": "2005-10-27T00:00:00.000Z",
"dateUpdated": "2024-08-07T23:10:08.331Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-3306 (GCVE-0-2005-3306)
Vulnerability from cvelistv5 – Published: 2005-10-25 04:00 – Updated: 2024-08-07 23:10- n/a
| URL | Tags |
|---|---|
| http://marc.info/?l=bugtraq&m=113018940229407&w=2 | mailing-listx_refsource_BUGTRAQ |
| http://www.osvdb.org/20246 | vdb-entryx_refsource_OSVDB |
| http://secunia.com/advisories/17291/ | third-party-advisoryx_refsource_SECUNIA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T23:10:07.569Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20051022 File Including In FLAT NUKE",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=113018940229407\u0026w=2"
},
{
"name": "20246",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/20246"
},
{
"name": "17291",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/17291/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-10-22T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in index.php for FlatNuke 2.5.6 allows remote attackers to inject arbitrary web script or HTML via the user parameter in a profile operation, a different vulnerability than CVE-2005-2814. NOTE: it is possible that this XSS is a resultant vulnerability of CVE-2005-3307."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-10-17T13:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20051022 File Including In FLAT NUKE",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=113018940229407\u0026w=2"
},
{
"name": "20246",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/20246"
},
{
"name": "17291",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/17291/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-3306",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in index.php for FlatNuke 2.5.6 allows remote attackers to inject arbitrary web script or HTML via the user parameter in a profile operation, a different vulnerability than CVE-2005-2814. NOTE: it is possible that this XSS is a resultant vulnerability of CVE-2005-3307."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20051022 File Including In FLAT NUKE",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=113018940229407\u0026w=2"
},
{
"name": "20246",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/20246"
},
{
"name": "17291",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17291/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-3306",
"datePublished": "2005-10-25T04:00:00.000Z",
"dateReserved": "2005-10-26T00:00:00.000Z",
"dateUpdated": "2024-08-07T23:10:07.569Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-2815 (GCVE-0-2005-2815)
Vulnerability from cvelistv5 – Published: 2005-09-07 04:00 – Updated: 2024-08-07 22:45- n/a
| URL | Tags |
|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://securitytracker.com/id?1014824 | vdb-entryx_refsource_SECTRACK |
| http://seclists.org/lists/bugtraq/2005/Aug/0440.html | mailing-listx_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T22:45:02.279Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "flatnuke-msdos-news-path-disclosure(22153)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22153"
},
{
"name": "1014824",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1014824"
},
{
"name": "20050830 Flatnuke 2.5.6 (possibly prior versions) Underlying system information disclosure / Administrative \u0026 users credentials disclosure",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://seclists.org/lists/bugtraq/2005/Aug/0440.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-08-30T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "print.php in FlatNuke 2.5.6 allows remote attackers to obtain sensitive information (path disclosure on error) or cause a denial of service (resource consumption) via an MS-DOS device name in the news parameter to print.php, such as (1) AUX, (2) CON, (3) PRN, (4) COM1, or (5) LPT1."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "flatnuke-msdos-news-path-disclosure(22153)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22153"
},
{
"name": "1014824",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1014824"
},
{
"name": "20050830 Flatnuke 2.5.6 (possibly prior versions) Underlying system information disclosure / Administrative \u0026 users credentials disclosure",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://seclists.org/lists/bugtraq/2005/Aug/0440.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-2815",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "print.php in FlatNuke 2.5.6 allows remote attackers to obtain sensitive information (path disclosure on error) or cause a denial of service (resource consumption) via an MS-DOS device name in the news parameter to print.php, such as (1) AUX, (2) CON, (3) PRN, (4) COM1, or (5) LPT1."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "flatnuke-msdos-news-path-disclosure(22153)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22153"
},
{
"name": "1014824",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1014824"
},
{
"name": "20050830 Flatnuke 2.5.6 (possibly prior versions) Underlying system information disclosure / Administrative \u0026 users credentials disclosure",
"refsource": "BUGTRAQ",
"url": "http://seclists.org/lists/bugtraq/2005/Aug/0440.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-2815",
"datePublished": "2005-09-07T04:00:00.000Z",
"dateReserved": "2005-09-07T00:00:00.000Z",
"dateUpdated": "2024-08-07T22:45:02.279Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-2814 (GCVE-0-2005-2814)
Vulnerability from cvelistv5 – Published: 2005-09-07 04:00 – Updated: 2024-08-07 22:45- n/a
| URL | Tags |
|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://securitytracker.com/id?1014824 | vdb-entryx_refsource_SECTRACK |
| http://seclists.org/lists/bugtraq/2005/Aug/0440.html | mailing-listx_refsource_BUGTRAQ |
| http://www.securityfocus.com/bid/14704 | vdb-entryx_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T22:45:02.234Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "flatnuke-indexphp-xss(22101)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22101"
},
{
"name": "1014824",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1014824"
},
{
"name": "20050830 Flatnuke 2.5.6 (possibly prior versions) Underlying system information disclosure / Administrative \u0026 users credentials disclosure",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://seclists.org/lists/bugtraq/2005/Aug/0440.html"
},
{
"name": "14704",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/14704"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-08-30T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in FlatNuke 2.5.6 allows remote attackers to inject arbitrary web script or HTML via the usr parameter in a vis_reg operation to index.php."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "flatnuke-indexphp-xss(22101)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22101"
},
{
"name": "1014824",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1014824"
},
{
"name": "20050830 Flatnuke 2.5.6 (possibly prior versions) Underlying system information disclosure / Administrative \u0026 users credentials disclosure",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://seclists.org/lists/bugtraq/2005/Aug/0440.html"
},
{
"name": "14704",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/14704"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-2814",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in FlatNuke 2.5.6 allows remote attackers to inject arbitrary web script or HTML via the usr parameter in a vis_reg operation to index.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "flatnuke-indexphp-xss(22101)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22101"
},
{
"name": "1014824",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1014824"
},
{
"name": "20050830 Flatnuke 2.5.6 (possibly prior versions) Underlying system information disclosure / Administrative \u0026 users credentials disclosure",
"refsource": "BUGTRAQ",
"url": "http://seclists.org/lists/bugtraq/2005/Aug/0440.html"
},
{
"name": "14704",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/14704"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-2814",
"datePublished": "2005-09-07T04:00:00.000Z",
"dateReserved": "2005-09-07T00:00:00.000Z",
"dateUpdated": "2024-08-07T22:45:02.234Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-2813 (GCVE-0-2005-2813)
Vulnerability from cvelistv5 – Published: 2005-09-07 04:00 – Updated: 2024-08-07 22:45- n/a
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/14702 | vdb-entryx_refsource_BID |
| http://secunia.com/advisories/16650/ | third-party-advisoryx_refsource_SECUNIA |
| http://securitytracker.com/id?1014824 | vdb-entryx_refsource_SECTRACK |
| http://www.securityfocus.com/archive/1/419107/100… | mailing-listx_refsource_BUGTRAQ |
| http://www.securityfocus.com/bid/15796 | vdb-entryx_refsource_BID |
| http://securitytracker.com/id?1015339 | vdb-entryx_refsource_SECTRACK |
| http://seclists.org/lists/bugtraq/2005/Aug/0440.html | mailing-listx_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T22:45:02.307Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "14702",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/14702"
},
{
"name": "16650",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/16650/"
},
{
"name": "1014824",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1014824"
},
{
"name": "20051210 Flatnuke 2.5.6 privilege escalation / remote commands execution exploit",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/419107/100/0/threaded"
},
{
"name": "15796",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/15796"
},
{
"name": "1015339",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015339"
},
{
"name": "20050830 Flatnuke 2.5.6 (possibly prior versions) Underlying system information disclosure / Administrative \u0026 users credentials disclosure",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://seclists.org/lists/bugtraq/2005/Aug/0440.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-08-30T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in FlatNuke 2.5.6 and possibly earlier allows remote attackers to read arbitrary files via \"..\" sequences and \"%00\" (trailing null byte) characters in the id parameter to the read mod in index.php."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-19T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "14702",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/14702"
},
{
"name": "16650",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/16650/"
},
{
"name": "1014824",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1014824"
},
{
"name": "20051210 Flatnuke 2.5.6 privilege escalation / remote commands execution exploit",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/419107/100/0/threaded"
},
{
"name": "15796",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/15796"
},
{
"name": "1015339",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015339"
},
{
"name": "20050830 Flatnuke 2.5.6 (possibly prior versions) Underlying system information disclosure / Administrative \u0026 users credentials disclosure",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://seclists.org/lists/bugtraq/2005/Aug/0440.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-2813",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerability in FlatNuke 2.5.6 and possibly earlier allows remote attackers to read arbitrary files via \"..\" sequences and \"%00\" (trailing null byte) characters in the id parameter to the read mod in index.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "14702",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/14702"
},
{
"name": "16650",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/16650/"
},
{
"name": "1014824",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1014824"
},
{
"name": "20051210 Flatnuke 2.5.6 privilege escalation / remote commands execution exploit",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/419107/100/0/threaded"
},
{
"name": "15796",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/15796"
},
{
"name": "1015339",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015339"
},
{
"name": "20050830 Flatnuke 2.5.6 (possibly prior versions) Underlying system information disclosure / Administrative \u0026 users credentials disclosure",
"refsource": "BUGTRAQ",
"url": "http://seclists.org/lists/bugtraq/2005/Aug/0440.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-2813",
"datePublished": "2005-09-07T04:00:00.000Z",
"dateReserved": "2005-09-07T00:00:00.000Z",
"dateUpdated": "2024-08-07T22:45:02.307Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-2539 (GCVE-0-2005-2539)
Vulnerability from cvelistv5 – Published: 2005-08-10 04:00 – Updated: 2024-08-07 22:30- n/a
| URL | Tags |
|---|---|
| http://www.osvdb.org/18552 | vdb-entryx_refsource_OSVDB |
| http://marc.info/?l=bugtraq&m=112327238030127&w=2 | mailing-listx_refsource_BUGTRAQ |
| http://www.rgod.altervista.org/flatnuke.html | x_refsource_MISC |
| http://secunia.com/advisories/16330 | third-party-advisoryx_refsource_SECUNIA |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.securityfocus.com/bid/14483 | vdb-entryx_refsource_BID |
| http://www.osvdb.org/18553 | vdb-entryx_refsource_OSVDB |
| http://www.osvdb.org/18551 | vdb-entryx_refsource_OSVDB |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T22:30:01.712Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "18552",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/18552"
},
{
"name": "20050804 FlatNuke 2.5.5 (possibly prior versions) remote commands",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=112327238030127\u0026w=2"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.rgod.altervista.org/flatnuke.html"
},
{
"name": "16330",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/16330"
},
{
"name": "flatnuke-structure-xss(21707)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21707"
},
{
"name": "flatnuke-news-articles-xss(21708)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21708"
},
{
"name": "14483",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/14483"
},
{
"name": "18553",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/18553"
},
{
"name": "18551",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/18551"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-08-04T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in FlatNuke 2.5.5 and possibly earlier versions allow remote attackers to inject arbitrary web script or HTML via the (1) bodycolor, (2) backimage, (3) theme, or (4) logo parameter to structure.php, (5) admin, (6) admin_mail, or (7) back parameter to footer.php, or (8) the message body in a news post."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "18552",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/18552"
},
{
"name": "20050804 FlatNuke 2.5.5 (possibly prior versions) remote commands",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=112327238030127\u0026w=2"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.rgod.altervista.org/flatnuke.html"
},
{
"name": "16330",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/16330"
},
{
"name": "flatnuke-structure-xss(21707)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21707"
},
{
"name": "flatnuke-news-articles-xss(21708)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21708"
},
{
"name": "14483",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/14483"
},
{
"name": "18553",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/18553"
},
{
"name": "18551",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/18551"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-2539",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in FlatNuke 2.5.5 and possibly earlier versions allow remote attackers to inject arbitrary web script or HTML via the (1) bodycolor, (2) backimage, (3) theme, or (4) logo parameter to structure.php, (5) admin, (6) admin_mail, or (7) back parameter to footer.php, or (8) the message body in a news post."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "18552",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/18552"
},
{
"name": "20050804 FlatNuke 2.5.5 (possibly prior versions) remote commands",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=112327238030127\u0026w=2"
},
{
"name": "http://www.rgod.altervista.org/flatnuke.html",
"refsource": "MISC",
"url": "http://www.rgod.altervista.org/flatnuke.html"
},
{
"name": "16330",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/16330"
},
{
"name": "flatnuke-structure-xss(21707)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21707"
},
{
"name": "flatnuke-news-articles-xss(21708)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21708"
},
{
"name": "14483",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/14483"
},
{
"name": "18553",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/18553"
},
{
"name": "18551",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/18551"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-2539",
"datePublished": "2005-08-10T04:00:00.000Z",
"dateReserved": "2005-08-10T00:00:00.000Z",
"dateUpdated": "2024-08-07T22:30:01.712Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-2540 (GCVE-0-2005-2540)
Vulnerability from cvelistv5 – Published: 2005-08-10 04:00 – Updated: 2024-08-07 22:30- n/a
| URL | Tags |
|---|---|
| http://marc.info/?l=bugtraq&m=112327238030127&w=2 | mailing-listx_refsource_BUGTRAQ |
| http://www.rgod.altervista.org/flatnuke.html | x_refsource_MISC |
| http://secunia.com/advisories/16330 | third-party-advisoryx_refsource_SECUNIA |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.osvdb.org/18554 | vdb-entryx_refsource_OSVDB |
| http://www.securityfocus.com/bid/14485 | vdb-entryx_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T22:30:01.732Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20050804 FlatNuke 2.5.5 (possibly prior versions) remote commands",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=112327238030127\u0026w=2"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.rgod.altervista.org/flatnuke.html"
},
{
"name": "16330",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/16330"
},
{
"name": "flatNuke-firma-execute-commands(21709)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21709"
},
{
"name": "18554",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/18554"
},
{
"name": "14485",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/14485"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-08-04T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "CRLF injection vulnerability in FlatNuke 2.5.5 and possibly earlier versions allows remote attackers to execute arbitrary PHP commands via an ASCII char 13 (carriage return) in the signature field, which is injected into a PHP script without a preceding comment character, which can then be executed by a direct request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20050804 FlatNuke 2.5.5 (possibly prior versions) remote commands",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=112327238030127\u0026w=2"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.rgod.altervista.org/flatnuke.html"
},
{
"name": "16330",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/16330"
},
{
"name": "flatNuke-firma-execute-commands(21709)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21709"
},
{
"name": "18554",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/18554"
},
{
"name": "14485",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/14485"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-2540",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CRLF injection vulnerability in FlatNuke 2.5.5 and possibly earlier versions allows remote attackers to execute arbitrary PHP commands via an ASCII char 13 (carriage return) in the signature field, which is injected into a PHP script without a preceding comment character, which can then be executed by a direct request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20050804 FlatNuke 2.5.5 (possibly prior versions) remote commands",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=112327238030127\u0026w=2"
},
{
"name": "http://www.rgod.altervista.org/flatnuke.html",
"refsource": "MISC",
"url": "http://www.rgod.altervista.org/flatnuke.html"
},
{
"name": "16330",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/16330"
},
{
"name": "flatNuke-firma-execute-commands(21709)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21709"
},
{
"name": "18554",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/18554"
},
{
"name": "14485",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/14485"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-2540",
"datePublished": "2005-08-10T04:00:00.000Z",
"dateReserved": "2005-08-10T00:00:00.000Z",
"dateUpdated": "2024-08-07T22:30:01.732Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-2538 (GCVE-0-2005-2538)
Vulnerability from cvelistv5 – Published: 2005-08-10 04:00 – Updated: 2024-08-07 22:30- n/a
| URL | Tags |
|---|---|
| http://marc.info/?l=bugtraq&m=112327238030127&w=2 | mailing-listx_refsource_BUGTRAQ |
| http://www.rgod.altervista.org/flatnuke.html | x_refsource_MISC |
| http://secunia.com/advisories/16330 | third-party-advisoryx_refsource_SECUNIA |
| http://www.osvdb.org/18550 | vdb-entryx_refsource_OSVDB |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T22:30:01.134Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20050804 FlatNuke 2.5.5 (possibly prior versions) remote commands",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=112327238030127\u0026w=2"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.rgod.altervista.org/flatnuke.html"
},
{
"name": "16330",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/16330"
},
{
"name": "18550",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/18550"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-08-04T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "FlatNuke 2.5.5 and possibly earlier versions allows remote attackers to obtain sensitive information via (1) a null byte or (2) an MS-DOS device name such as AUX, CON, PRN, COM1, or LPT1 in the mod parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-10-17T13:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20050804 FlatNuke 2.5.5 (possibly prior versions) remote commands",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=112327238030127\u0026w=2"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.rgod.altervista.org/flatnuke.html"
},
{
"name": "16330",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/16330"
},
{
"name": "18550",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/18550"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-2538",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "FlatNuke 2.5.5 and possibly earlier versions allows remote attackers to obtain sensitive information via (1) a null byte or (2) an MS-DOS device name such as AUX, CON, PRN, COM1, or LPT1 in the mod parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20050804 FlatNuke 2.5.5 (possibly prior versions) remote commands",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=112327238030127\u0026w=2"
},
{
"name": "http://www.rgod.altervista.org/flatnuke.html",
"refsource": "MISC",
"url": "http://www.rgod.altervista.org/flatnuke.html"
},
{
"name": "16330",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/16330"
},
{
"name": "18550",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/18550"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-2538",
"datePublished": "2005-08-10T04:00:00.000Z",
"dateReserved": "2005-08-10T00:00:00.000Z",
"dateUpdated": "2024-08-07T22:30:01.134Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-2537 (GCVE-0-2005-2537)
Vulnerability from cvelistv5 – Published: 2005-08-10 04:00 – Updated: 2024-08-07 22:30- n/a
| URL | Tags |
|---|---|
| http://marc.info/?l=bugtraq&m=112327238030127&w=2 | mailing-listx_refsource_BUGTRAQ |
| http://www.rgod.altervista.org/flatnuke.html | x_refsource_MISC |
| http://secunia.com/advisories/16330 | third-party-advisoryx_refsource_SECUNIA |
| http://www.osvdb.org/18549 | vdb-entryx_refsource_OSVDB |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T22:30:01.075Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20050804 FlatNuke 2.5.5 (possibly prior versions) remote commands",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=112327238030127\u0026w=2"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.rgod.altervista.org/flatnuke.html"
},
{
"name": "16330",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/16330"
},
{
"name": "18549",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/18549"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-08-04T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "FlatNuke 2.5.5 and possibly earlier versions allows remote attackers to obtain sensitive information via a direct request to structure.php."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-10-17T13:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20050804 FlatNuke 2.5.5 (possibly prior versions) remote commands",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=112327238030127\u0026w=2"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.rgod.altervista.org/flatnuke.html"
},
{
"name": "16330",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/16330"
},
{
"name": "18549",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/18549"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-2537",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "FlatNuke 2.5.5 and possibly earlier versions allows remote attackers to obtain sensitive information via a direct request to structure.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20050804 FlatNuke 2.5.5 (possibly prior versions) remote commands",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=112327238030127\u0026w=2"
},
{
"name": "http://www.rgod.altervista.org/flatnuke.html",
"refsource": "MISC",
"url": "http://www.rgod.altervista.org/flatnuke.html"
},
{
"name": "16330",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/16330"
},
{
"name": "18549",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/18549"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-2537",
"datePublished": "2005-08-10T04:00:00.000Z",
"dateReserved": "2005-08-10T00:00:00.000Z",
"dateUpdated": "2024-08-07T22:30:01.075Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}