Lucene search

[email protected]CVE-2007-5773

HistoryNov 01, 2007 - 4:46 p.m.

CVE-2007-5773

2007-11-0116:46:00

CWE-352

[email protected]

web.nvd.nist.gov

cve-2007-5773

file manager

csrf

flatnuke 3

vulnerability

security

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

6.9 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

53.4%

JSON

Cross-site request forgery (CSRF) vulnerability in index.php in the File Manager module in Flatnuke 3 allows remote attackers to perform certain actions as administrators via requests containing the pathname in the dir parameter and the filename in the ffile parameter.

Affected configurations

NVD

Node

flatnuke3flatnuke3

CPENameOperatorVersion
flatnuke3:flatnuke3flatnuke3eq*

CPE	Name	Operator	Version
flatnuke3:flatnuke3	flatnuke3	eq	*

References

osvdb.org/43635

exchange.xforce.ibmcloud.com/vulnerabilities/37413

www.exploit-db.com/exploits/4561

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

6.9 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

53.4%

JSON

Related for CVE-2007-5773

nvd1 prion1 cvelist1