CVE-2005-3361

Cross-site scripting (XSS) vulnerability in forum/index.php in FlatNuke 2.5.6 allows remote attackers to inject arbitrary web script or HTML via the nome parameter in a login operation, a variant of CVE-2005-3306.

Score4.3
Access VectorNETWORK
Access ComplexityMEDIUM
AuthenticationNONE
Confidentiality ImpactNONE
Integrity ImpactPARTIAL
Availability ImpactNONE
Published2005-10-27 08:02:00.000-04
Last Modified2016-10-17 11:34:36.000-04

Vulnerable Software List

VendorProductVersions
Flatnuke Flatnuke 2.5.6

References

SourceLink
BUGTRAQ20051024 Flat Nuke Cross Site Scripting
VUPENADV-2005-2178