Flatnuke: >> Flatnuke >> 1.6 Security Vulnerabilities
The Gallery module in Simone Vellei Flatnuke 2.5.7 and earlier, when Gallery uploads are enabled, does not restrict the extensions of uploaded files that begin with a GIF header, which allows remote authenticated users to execute arbitrary PHP code via an uploaded .php file.
CVSS Score
4.6
EPSS Score
0.036
Published
2006-07-18