PT-2007-6738 · Flatnuke · Flatnuke
Kingoftheworld
·
Publicado
2007-11-01
·
Atualizado
2018-10-15
·
CVE-2007-5771
CVSS v2.0
7.5
Alta
| Vetor | AV:N/AC:L/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
Flatnuke version 3
Description
The issue allows remote attackers to obtain administrative access by exploiting a vulnerability involving a
myforum%00 cookie.Recommendations
For Flatnuke version 3, update to a version that fixes this issue or consider restricting access to administrative functions until a patch is available. As a temporary workaround, consider validating and sanitizing cookie inputs to prevent malicious exploitation.
Exploit
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Flatnuke