VYPR

Flatnuke

by Simone Vellei

CVEs (1)

  • CVE-2006-3608Jul 18, 2006
    risk 0.03cvss epss 0.02

    The Gallery module in Simone Vellei Flatnuke 2.5.7 and earlier, when Gallery uploads are enabled, does not restrict the extensions of uploaded files that begin with a GIF header, which allows remote authenticated users to execute arbitrary PHP code via an uploaded .php file.