CVE-2006-3608

The Gallery module in Simone Vellei Flatnuke 2.5.7 and earlier, when Gallery uploads are enabled, does not restrict the extensions of uploaded files that begin with a GIF header, which allows remote authenticated users to execute arbitrary PHP code via an uploaded .php file.

Score: 4.6
Access Vector: NETWORK
Access Complexity: HIGH
Authentication: SINGLE_INSTANCE
Confidentiality Impact: PARTIAL
Integrity Impact: PARTIAL
Availability Impact: PARTIAL
Published: 2006-07-18 11:46:00.000-04
Last Modified: 2018-10-18 12:48:09.000-04

Vulnerable Software List

Vendor    Product   Versions
Flatnuke  Flatnuke  1.0, 1.5, 1.6, 1.7, 1.8, 2.0, 2.5.1, 2.5.3, 2.5.5, 2.5.6, 2.5.7

References

Source    Link
MISC      http://retrogod.altervista.org/flatnuke257_adv.html
SECTRACK  1016499
BUGTRAQ   20060713 flatnuke <= 2.5.7 arbitrary php file upload
BUGTRAQ   20060807 Re: flatnuke <= 2.5.7 arbitrary php file upload
BID       18966
XF        flatnuke-gallery-code-execution(27731)