CVE-2005-2815 Information

Description

print.php in FlatNuke 2.5.6 allows remote attackers to obtain sensitive information (path disclosure on error) or cause a denial of service (resource consumption) via an MS-DOS device name in the news parameter to print.php such as (1) AUX (2) CON (3) PRN (4) COM1 or (5) LPT1.

Reference

http://seclists.org/lists/bugtraq/2005/Aug/0440.html http://securitytracker.com/id?1014824 https://exchange.xforce.ibmcloud.com/vulnerabilities/22153