[原文]CRLF injection vulnerability in FlatNuke 2.5.5 and possibly earlier versions allows remote attackers to execute arbitrary PHP commands via an ASCII char 13 (carriage return) in the signature field, which is injected into a PHP script without a preceding comment character, which can then be executed by a direct request.
FlatNuke User Signature Arbitrary Command Execution
Remote / Network Access
Loss of Integrity
Flatnuke contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to the program not properly sanitizing user input supplied to the user registration function. This may allow an attacker to include an arbitrary command in the user registration file [username].php which can be executed by the attacker.
Currently, there are no known upgrades, patches, or workarounds available to correct this issue.