CVE-2005-1893

FlatNuke 2.5.3 allows remote attackers to obtain sensitive information via invalid parameters to certain scripts, which leaks the web document root in an error message.

Score5.0
Access VectorNETWORK
Access ComplexityLOW
AuthenticationNONE
Confidentiality ImpactPARTIAL
Integrity ImpactNONE
Availability ImpactNONE
Published2005-06-09 12:00:00.000-04
Last Modified2011-03-07 09:23:03.000-05

Vulnerable Software List

VendorProductVersions
Flatnuke Flatnuke 2.5.3

References

SourceLink
CONFIRMhttp://flatnuke.sourceforge.net/index.php?mod=read&id=1117979256
SECTRACK1014114
MISChttp://secwatch.org/advisories/secwatch/20050604_flatnuke.txt
VUPENADV-2005-0697