Vulnerability Details CVE-2005-1892
FlatNuke 2.5.3 allows remote attackers to cause a denial of service or obtain sensitive information via (1) a direct request to foot_news.php, which triggers an infinite loop, or (2) direct requests to unknown scripts, which reveals the web document root in an error message.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.01
EPSS Ranking 76.4%
CVSS Severity
CVSS v2 Score 6.4
References
- http://flatnuke.sourceforge.net/index.php?mod=read&id=1117979256
- http://secunia.com/advisories/15603
- http://securitytracker.com/id?1014114
- http://secwatch.org/advisories/secwatch/20050604_flatnuke.txt
- http://www.vupen.com/english/advisories/2005/0697
- http://flatnuke.sourceforge.net/index.php?mod=read&id=1117979256
- http://secunia.com/advisories/15603
- http://securitytracker.com/id?1014114
- http://secwatch.org/advisories/secwatch/20050604_flatnuke.txt
- http://www.vupen.com/english/advisories/2005/0697
Products affected by CVE-2005-1892
-
cpe:2.3:a:flatnuke:flatnuke:1.8
-
cpe:2.3:a:flatnuke:flatnuke:2.0
-
cpe:2.3:a:flatnuke:flatnuke:2.1
-
cpe:2.3:a:flatnuke:flatnuke:2.2
-
cpe:2.3:a:flatnuke:flatnuke:2.3
-
cpe:2.3:a:flatnuke:flatnuke:2.3.1
-
cpe:2.3:a:flatnuke:flatnuke:2.4
-
cpe:2.3:a:flatnuke:flatnuke:2.4.1
-
cpe:2.3:a:flatnuke:flatnuke:2.5
-
cpe:2.3:a:flatnuke:flatnuke:2.5.1
-
cpe:2.3:a:flatnuke:flatnuke:2.5.2
-
cpe:2.3:a:flatnuke:flatnuke:2.5.3