PT-2005-3691 · Flatnuke · Flatnuke

Retrogod

Publicado

2005-09-07

Atualizado

2017-07-11

CVE-2005-2814

CVSS v2.0

4.3

Média

Vetor

AV:N/AC:M/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions FlatNuke version 2.5.6

Description A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via the usr parameter in a "vis reg" operation to "index.php".

Recommendations For FlatNuke version 2.5.6, update to a version that fixes this issue, as using the usr parameter in the "vis reg" operation to "index.php" can lead to arbitrary web script or HTML injection. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2005-2814

Produtos afetados

Flatnuke

PT-2005-3691 · Flatnuke · Flatnuke

CVE-2005-2814

Identificadores relacionados

Produtos afetados

Referências · 6