CVE-2005-1894
FlatNuke 2.5.3 - Remote Code Execution via Referer Header Injection
Exploitation Summary
EIP tracks 1 public exploit for CVE-2005-1894. PoCs published by SecWatch.
AI-analyzed exploit summary: This PHP script is a proof-of-concept for CVE-2005-1894, exploiting an arbitrary command injection vulnerability in FlatNuke 2.5.3. It leverages improper input sanitization in the referer.php script to execute system commands via a crafted HTTP Referer header.
Description
Direct code injection vulnerability in FlatNuke 2.5.3 allows remote attackers to execute arbitrary PHP code by placing the code into the Referer header of an HTTP request, which causes the code to be injected into referer.php, which can then be accessed by the attacker.
Exploits (1)
This PHP script is a proof-of-concept for CVE-2005-1894, exploiting an arbitrary command injection vulnerability in FlatNuke 2.5.3. It leverages improper input sanitization in the referer.php script to execute system commands via a crafted HTTP Referer header.