CVE-2005-1896

Directory traversal vulnerability in thumb.php in FlatNuke 2.5.3 allows remote attackers to read arbitrary images or obtain the installation path via the image parameter.

Score5.0
Access VectorNETWORK
Access ComplexityLOW
AuthenticationNONE
Confidentiality ImpactPARTIAL
Integrity ImpactNONE
Availability ImpactNONE
Published2005-06-09 12:00:00.000-04
Last Modified2011-03-07 09:23:03.000-05

Vulnerable Software List

VendorProductVersions
Flatnuke Flatnuke 2.5.3

References

SourceLink
CONFIRMhttp://flatnuke.sourceforge.net/index.php?mod=read&id=1117979256
SECTRACK1014114
MISChttp://secwatch.org/advisories/secwatch/20050604_flatnuke.txt
VUPENADV-2005-0697