8 matches found
EUVD-2020-22923
Malware in sbrugna...
EUVD-2020-22922
Malware in sbrugna...
CVE-2020-35245
CVE-2020-35245 affects Flamingo (FlamingoIM) up to 2020-09-29 with a SQL injection vulnerability in UserManager::addUser. Documented risk scores: CVSS2 base 7.5 (HIGH) and CVSS3.1 base 9.8 (CRITICAL). Exploit details are not provided in the connected documents; no remediation or patch version is ...
Directory traversal
Flamingo aka FlamingoIM through 2020-09-29 allows ../ directory traversal because the only ostensibly unpredictable part of a file-transfer request is an MD5 computation; however, this computation occurs on the client side, and the computation details can be easily determined because the product'...
Blizmax Flamingoim SQL Injection Vulnerability
Blizmax Flamingoim is a high-performance, lightweight, open source instant messaging software from the individual developers of Blizmax. A SQL injection vulnerability exists in Blizmax Flamingoim version 2020-09-29 and prior versions, which stems from the validation of externally entered SQL...
CVE-2020-15216
creationtimestamp| type| source ---|---|--- 2020-09-29 20:51:03+00:00| seen| https://t.me/cibsecurity/14937...
CVE-2020-24565
creationtimestamp| type| source ---|---|--- 2020-09-29 07:50:22+00:00| seen| https://t.me/cibsecurity/14927...
CVE-2020-25770
creationtimestamp| type| source ---|---|--- 2020-09-29 07:50:21+00:00| seen| https://t.me/cibsecurity/14926 2020-09-29 07:50:22+00:00| seen| https://t.me/cibsecurity/14927...