Filtered by vendor Flatnuke
Subscriptions
Filtered by product Flatnuke
Subscriptions
Total
22 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-0267 | 1 Flatnuke | 1 Flatnuke | 2025-04-03 | N/A |
| index.php in FlatNuke 2.5.1 allows remote attackers to create an administrator account via carriage returns and #10 in the url_avatar field, which is interpreted as a sensitive directive. | ||||
| CVE-2006-3608 | 1 Flatnuke | 1 Flatnuke | 2025-04-03 | N/A |
| The Gallery module in Simone Vellei Flatnuke 2.5.7 and earlier, when Gallery uploads are enabled, does not restrict the extensions of uploaded files that begin with a GIF header, which allows remote authenticated users to execute arbitrary PHP code via an uploaded .php file. | ||||