Vulnerability   
Search   
    Search 211766 CVE descriptions
and 97459 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

CVE ID:CVE-2005-2539
Description:Multiple cross-site scripting (XSS) vulnerabilities in FlatNuke 2.5.5 and possibly earlier versions allow remote attackers to inject arbitrary web script or HTML via the (1) bodycolor, (2) backimage, (3) theme, or (4) logo parameter to structure.php, (5) admin, (6) admin_mail, or (7) back parameter to footer.php, or (8) the message body in a news post.
Test IDs: None available
Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2005-2539
BugTraq ID: 14483
http://www.securityfocus.com/bid/14483
Bugtraq: 20050804 FlatNuke 2.5.5 (possibly prior versions) remote commands (Google Search)
http://marc.info/?l=bugtraq&m=112327238030127&w=2
http://www.rgod.altervista.org/flatnuke.html
http://www.osvdb.org/18551
http://www.osvdb.org/18552
http://www.osvdb.org/18553
http://secunia.com/advisories/16330
XForce ISS Database: flatnuke-news-articles-xss(21708)
https://exchange.xforce.ibmcloud.com/vulnerabilities/21708
XForce ISS Database: flatnuke-structure-xss(21707)
https://exchange.xforce.ibmcloud.com/vulnerabilities/21707




© 1998-2021 E-Soft Inc. All rights reserved.