Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

CVE ID:CVE-2005-2540
Description:CRLF injection vulnerability in FlatNuke 2.5.5 and possibly earlier versions allows remote attackers to execute arbitrary PHP commands via an ASCII char 13 (carriage return) in the signature field, which is injected into a PHP script without a preceding comment character, which can then be executed by a direct request.
Test IDs: None available
Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2005-2540
BugTraq ID: 14485
http://www.securityfocus.com/bid/14485
Bugtraq: 20050804 FlatNuke 2.5.5 (possibly prior versions) remote commands (Google Search)
http://marc.info/?l=bugtraq&m=112327238030127&w=2
http://www.rgod.altervista.org/flatnuke.html
http://www.osvdb.org/18554
http://secunia.com/advisories/16330
XForce ISS Database: flatNuke-firma-execute-commands(21709)
https://exchange.xforce.ibmcloud.com/vulnerabilities/21709




© 1998-2024 E-Soft Inc. All rights reserved.