CVE-2005-1895
FlatNuke 2.5.3 - Cross-Site Scripting via Border or Back Parameter
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2005-1895. PoCs published by SecWatch.
AI-analyzed exploit summary The provided text describes multiple input validation vulnerabilities in FlatNuke, including XSS and arbitrary PHP code execution. It includes example URLs demonstrating XSS attacks via the 'border' and 'back' parameters.
Description
Cross-site scripting (XSS) vulnerability in FlatNuke 2.5.3 allows remote attackers to inject arbitrary web script or HTML via the border or back parameters to (1) help.php or (2) footer.php.
Exploits (1)
The provided text describes multiple input validation vulnerabilities in FlatNuke, including XSS and arbitrary PHP code execution. It includes example URLs demonstrating XSS attacks via the 'border' and 'back' parameters.