CVE-2005-1892

Опубликовано: 09 июн. 2005

Источник: nvd

CVSS2: 6.4

EPSS Низкий

Описание

FlatNuke 2.5.3 allows remote attackers to cause a denial of service or obtain sensitive information via (1) a direct request to foot_news.php, which triggers an infinite loop, or (2) direct requests to unknown scripts, which reveals the web document root in an error message.

Ссылки

http://flatnuke.sourceforge.net/index.php?mod=read&id=1117979256
Product
http://secunia.com/advisories/15603
Broken Link
http://securitytracker.com/id?1014114
Broken Link
Exploit
Third Party Advisory
VDB Entry
http://secwatch.org/advisories/secwatch/20050604_flatnuke.txt
Broken Link
Patch
Vendor Advisory
http://www.vupen.com/english/advisories/2005/0697
Broken Link
http://flatnuke.sourceforge.net/index.php?mod=read&id=1117979256
Product
http://secunia.com/advisories/15603
Broken Link
http://securitytracker.com/id?1014114
Broken Link
Exploit
Third Party Advisory
VDB Entry
http://secwatch.org/advisories/secwatch/20050604_flatnuke.txt
Broken Link
Patch
Vendor Advisory
http://www.vupen.com/english/advisories/2005/0697
Broken Link

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:flatnuke:flatnuke:*:*:*:*:*:*:*:*

Версия до 2.5.3 (включая)

EPSS

Процентиль: 77%

0.01029

Низкий

6.4 Medium

CVSS2

Дефекты

CWE-425

Связанные уязвимости

GHSA-55hg-77vh-978c

github

почти 4 года назад