CVE-2005-2540

FlatNuke 2.5.5 - Remote Code Execution via CRLF Injection in Signature Field

Exploitation Summary

EIP tracks 1 public exploit for CVE-2005-2540.

AI-analyzed exploit summary: This PHP script exploits a remote code execution vulnerability in FlatNuke 2.5.5 by injecting malicious code into the user registration process, creating a backdoor file that executes arbitrary commands via HTTP GET requests.

Description

CRLF injection vulnerability in FlatNuke 2.5.5 and possibly earlier versions allows remote attackers to execute arbitrary PHP commands via an ASCII char 13 (carriage return) in the signature field, which is injected into a PHP script without a preceding comment character, which can then be executed by a direct request.

Exploits (1)

exploitdb · WORKING POC
php · webapps · php
https://www.exploit-db.com/exploits/1140

Classification: Working PoC 100%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: FlatNuke 2.5.5 (possibly prior versions)
No auth needed
Prerequisites: Target must have FlatNuke 2.5.5 or earlier installed · PHP must be configured with allow_call_time_pass_reference and register_globals enabled
devstral-2 · analyzed Feb 19, 2026

References (6)

Core References
Mailing List (mailing-list, x_refsource_bugtraq): http://marc.info/?l=bugtraq&m=112327238030127&w=2
Third Party Advisory (third-party-advisory, x_refsource_secunia): http://secunia.com/advisories/16330
Third Party Advisory, VDB Entry (vdb-entry, x_refsource_xf): https://exchange.xforce.ibmcloud.com/vulnerabilities/21709
Third Party Advisory, VDB Entry (vdb-entry, x_refsource_osvdb): http://www.osvdb.org/18554
Third Party Advisory, VDB Entry (vdb-entry, x_refsource_bid): http://www.securityfocus.com/bid/14485

Scores

EPSS 0.0632
EPSS Percentile 91.2%

Details

Status published
Products (1)
flatnuke/flatnuke 2.5.5
Published Aug 10, 2005
Tracked Since Feb 18, 2026