Filtered by vendor Flatnuke Subscriptions
Total 22 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2005-0268 1 Flatnuke 1 Flatnuke 2024-11-21 N/A
Direct code injection vulnerability in FlatNuke 2.5.1 allows remote attackers to execute arbitrary PHP code by placing the code into the url_avatar field.
CVE-2005-0267 1 Flatnuke 1 Flatnuke 2024-11-21 N/A
index.php in FlatNuke 2.5.1 allows remote attackers to create an administrator account via carriage returns and #10 in the url_avatar field, which is interpreted as a sensitive directive.