Unrated severityNVD Advisory· Published Jun 9, 2005· Updated Jun 16, 2026
CVE-2005-1894
CVE-2005-1894
Description
Direct code injection vulnerability in FlatNuke 2.5.3 allows remote attackers to execute arbitrary PHP code by placing the code into the Referer header of an HTTP request, which causes the code to be injected into referer.php, which can then be accessed by the attacker.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
5- flatnuke.sourceforge.net/index.phpnvdPatchProduct
- secunia.com/advisories/15603nvdBroken LinkPatchVendor Advisory
- securitytracker.com/idnvdBroken LinkExploitPatchThird Party AdvisoryVDB Entry
- secwatch.org/advisories/secwatch/20050604_flatnuke.txtnvdBroken LinkExploitPatchVendor Advisory
- www.vupen.com/english/advisories/2005/0697nvdBroken Link
News mentions
0No linked articles in our index yet.