4 matches found
CVE-2012-4878
Absolute path traversal vulnerability in controlcenter.php in FlatnuX CMS 2011 08.09.2 allows remote administrators to read arbitrary files via a full pathname in the dir parameter in a contents/Files action...
CVE-2012-4877
Cross-site request forgery CSRF vulnerability in controlcenter.php in FlatnuX CMS 2011 08.09.2 and earlier allows remote attackers to hijack the authentication of administrators for requests that add user accounts...
CVE-2012-4878
FlatnuX CMS 2011 08.09.2 is affected by an absolute path traversal in controlcenter.php, allowing remote administrators to read arbitrary files via a full pathname supplied in the dir parameter of a contents/Files action. The underlying issue is a path traversal vulnerability that enables access ...
Flatnux CMS 2011 08.09.2 - Multiple Web Vulnerabilities
Title: ====== Flatnux CMS 2011 08.09.2 - Multiple Web Vulnerabilities Date: ===== 2012-04-01 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=487 VL-ID: ===== 487 Introduction: ============= Flatnux is no database CMS for accessible websites, corporate websites, e-commer...