Описание
Directory traversal vulnerability in FlatNuke 2.5.6 and possibly earlier allows remote attackers to read arbitrary files via ".." sequences and "%00" (trailing null byte) characters in the id parameter to the read mod in index.php.
Ссылки
- Exploit
- Exploit
- Exploit
- Exploit
- Exploit
- Exploit
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:flatnuke:flatnuke:2.5.6:*:*:*:*:*:*:*
EPSS
Процентиль: 91%
0.07078
Низкий
5 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
Directory traversal vulnerability in FlatNuke 2.5.6 and possibly earlier allows remote attackers to read arbitrary files via ".." sequences and "%00" (trailing null byte) characters in the id parameter to the read mod in index.php.
EPSS
Процентиль: 91%
0.07078
Низкий
5 Medium
CVSS2
Дефекты
NVD-CWE-Other