4 matches found
CVE-2012-4878
Absolute path traversal vulnerability in controlcenter.php in FlatnuX CMS 2011 08.09.2 allows remote administrators to read arbitrary files via a full pathname in the dir parameter in a contents/Files action...
CVE-2012-4878
FlatnuX CMS 2011 08.09.2 is affected by an absolute path traversal in controlcenter.php, allowing remote administrators to read arbitrary files via a full pathname supplied in the dir parameter of a contents/Files action. The underlying issue is a path traversal vulnerability that enables access ...
CVE-2012-4877
Cross-site request forgery CSRF vulnerability in controlcenter.php in FlatnuX CMS 2011 08.09.2 and earlier allows remote attackers to hijack the authentication of administrators for requests that add user accounts...
Flatnux CMS 2011 08.09.2 - Multiple Web Vulnerabilities
Title: ====== Flatnux CMS 2011 08.09.2 - Multiple Web Vulnerabilities Date: ===== 2012-04-01 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=487 VL-ID: ===== 487 Introduction: ============= Flatnux is no database CMS for accessible websites, corporate websites, e-commer...