UBUNTU-CVE-2007-5109

See a problem?
Please try reporting it to the source first.

Source

https://ubuntu.com/security/CVE-2007-5109

Import Source

https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2007/UBUNTU-CVE-2007-5109.json

JSON Data

https://api.osv.dev/v1/vulns/UBUNTU-CVE-2007-5109

Upstream

CVE-2007-5109

Published

2007-09-26T23:17:00Z

Modified

2026-05-20T16:03:03.909732933Z

Severity

Ubuntu - low

Summary

[none]

Details

Cross-site request forgery (CSRF) vulnerability in index.php in FlatNuke 2.6, and possibly 3, allows remote attackers to change the password and privilege level of arbitrary accounts via the user parameter and modified (1) regpass and (2) level parameters in a none_Login action, as demonstrated by using a Flash object to automatically make the request.

References

Affected packages

Ubuntu:16.04:LTS

flatnuke

Package

Name: flatnuke
Purl: pkg:deb/ubuntu/flatnuke?arch=source&distro=xenial

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

2.*

2.7.2-0ubuntu2

2.7.2-0ubuntu3

Ecosystem specific

{
    "binaries": [
        {
            "binary_version": "2.7.2-0ubuntu3",
            "binary_name": "flatnuke"
        }
    ]
}

Database specific

source

"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2007/UBUNTU-CVE-2007-5109.json"

Ubuntu:18.04:LTS

flatnuke

Package

Name: flatnuke
Purl: pkg:deb/ubuntu/flatnuke?arch=source&distro=bionic

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

2.*

2.7.2-0ubuntu3

Ecosystem specific

{
    "binaries": [
        {
            "binary_version": "2.7.2-0ubuntu3",
            "binary_name": "flatnuke"
        }
    ]
}

Database specific

source

"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2007/UBUNTU-CVE-2007-5109.json"

Ubuntu:20.04:LTS

flatnuke

Package

Name: flatnuke
Purl: pkg:deb/ubuntu/flatnuke?arch=source&distro=focal

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

2.*

2.7.2-0ubuntu3

Ecosystem specific

{
    "binaries": [
        {
            "binary_version": "2.7.2-0ubuntu3",
            "binary_name": "flatnuke"
        }
    ]
}

Database specific

source

"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2007/UBUNTU-CVE-2007-5109.json"

Ubuntu:22.04:LTS

flatnuke

Package

Name: flatnuke
Purl: pkg:deb/ubuntu/flatnuke?arch=source&distro=jammy

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

2.*

2.7.2-0ubuntu3

Ecosystem specific

{
    "binaries": [
        {
            "binary_version": "2.7.2-0ubuntu3",
            "binary_name": "flatnuke"
        }
    ]
}

Database specific

source

"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2007/UBUNTU-CVE-2007-5109.json"

Ubuntu:24.04:LTS

flatnuke

Package

Name: flatnuke
Purl: pkg:deb/ubuntu/flatnuke?arch=source&distro=noble

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

2.*

2.7.2-0ubuntu3

2.7.2-0ubuntu5

Ecosystem specific

{
    "binaries": [
        {
            "binary_version": "2.7.2-0ubuntu5",
            "binary_name": "flatnuke"
        }
    ]
}

Database specific

source

"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2007/UBUNTU-CVE-2007-5109.json"

Ubuntu:25.10

flatnuke

Package

Name: flatnuke
Purl: pkg:deb/ubuntu/flatnuke?arch=source&distro=questing

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

2.*

2.7.2-0ubuntu5

Ecosystem specific

{
    "binaries": [
        {
            "binary_version": "2.7.2-0ubuntu5",
            "binary_name": "flatnuke"
        }
    ]
}

Database specific

source

"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2007/UBUNTU-CVE-2007-5109.json"

Ubuntu:26.04:LTS

flatnuke

Package

Name: flatnuke
Purl: pkg:deb/ubuntu/flatnuke?arch=source&distro=resolute

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

2.*

2.7.2-0ubuntu5

2.7.2-0ubuntu6

Ecosystem specific

{
    "binaries": [
        {
            "binary_version": "2.7.2-0ubuntu6",
            "binary_name": "flatnuke"
        }
    ]
}

Database specific

source

"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2007/UBUNTU-CVE-2007-5109.json"