124 matches found
flipper-server (>=0.171.1 <=0.212.0), flipper-server-core (>=0.171.1 <=0.212.0) potentially affected by unknown CVE via flipper-server-companion (>=0.171.1 <=0.212.0)
flipper-server-companion NPM version =0.171.1, =0.171.1, =0.171.1, =0.212.0 Source cves: unknown CVE Source advisory: OSV:MAL-2022-3077...
Malicious Package
Overview flipper-server-companion is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this...
Malicious Package
Overview flipper-frontend-core is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this...
MAL-2022-2815 Malicious code in eslint-plugin-flipper (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c835c9d5ebe0d48d1da9eb4ea4e3576a5a9185f2cde5c14902164dc7f17d0b8c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in eslint-plugin-flipper (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c835c9d5ebe0d48d1da9eb4ea4e3576a5a9185f2cde5c14902164dc7f17d0b8c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-3076 Malicious code in flipper-plugin-ribtree (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ed63a783a7e3eed5c4b44fc8a0fac498737e83e6e741d75c8290a18d1b0f4741 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in flipper-plugin-ribtree (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ed63a783a7e3eed5c4b44fc8a0fac498737e83e6e741d75c8290a18d1b0f4741 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in flipper-frontend-core (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 745d70c1af1c5bc8882038e6eac687fd4ce85fa2d6b667c7c5ccef39ce54b877 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
flipper-server (>=0.171.1 <=0.212.0), flipper-server-companion (>=0.171.0 <=0.212.0) +1 more potentially affected by unknown CVE via flipper-frontend-core (>=0.171.0 <=0.212.0)
flipper-frontend-core NPM version =0.171.0, =0.171.1, =0.171.0, =0.171.1, =0.212.0 Source cves: unknown CVE Source advisory: OSV:MAL-2022-3074...
BlockDev Sp. Z o.o: Steal ALL collateral during liquidation by exploiting lack of validation in `flip.kick`
Summary: The flip contract allows for the MCD system to auction collateral in exchange for DAI. A lack of validation in the method flip.kick allows an attacker to create an auction with a fake bid value. Since the end contract trusts that value, it can be exploited to issue any amount of free DAI...
JVN#01040170: WordPress plugin "WP Google Map Plugin" vulnerable to cross-site scripting
The WordPress plugin "WP Google Map Plugin" provided by Flipper Code contains a reflected cross-site scripting vulnerability CWE-79. Impact An arbitrary script may be executed on a logged in user's web browser. Solution Update the plugin Update the plugin according to the information provided by...
FLIPPER - Dynamic Code Loading, External URLs, Native code usage vulnerabilities
HackApp vulnerability scanner discovered that application FLIPPER published at the 'play' market has multiple vulnerabilities...
Flipper Poll v1.1.0 (poll.php) remote file include vuln
Flipper Poll v1.1.0 poll.php remote file include vuln --------------------------------------------------------------------------------- Found: Cyber-Security cyber-security.org --------------------------------------------------------------------------------- Script Download:...
Flipper Poll 1.1.0 (poll.php root_path) Remote File Include Vulnerability
No description provided by source. Flipper Poll v1.1.0 poll.php remote file include vuln --------------------------------------------------------------------------------- Found: Cyber-Security cyber-security.org ---------------------------------------------------------------------------------...
Flipper Poll 1.1.0 (poll.php root_path) Remote File Include Vulnerability
Exploit for unknown platform in category web applications ========================================================================= Flipper Poll 1.1.0 poll.php rootpath Remote File Include Vulnerability ========================================================================= Flipper Poll v1.1.0...
Flipper Poll 1.1.0 - poll.php?root_path Remote File Inclusion
Flipper Poll 1.1.0 - poll.php?rootpath Remote File Inclusion Flipper Poll v1.1.0 poll.php remote file include vuln --------------------------------------------------------------------------------- Found: Cyber-Security cyber-security.org...
Flipper Poll 1.1.0 - 'poll.php?root_path' Remote File Inclusion
Flipper Poll v1.1.0 poll.php remote file include vuln --------------------------------------------------------------------------------- Found: Cyber-Security cyber-security.org --------------------------------------------------------------------------------- Script Download:...
CVE-2006-3683
PHP remote file inclusion vulnerability in poll.php in Flipper Poll 1.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the rootpath parameter...
CVE-2006-3683
PHP remote file inclusion vulnerability in poll.php in Flipper Poll 1.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the rootpath parameter...
CVE-2006-3683
CVE-2006-3683 affects Flipper Poll 1.1 and earlier. A PHP remote file inclusion vulnerability exists in poll.php via the root_path parameter, allowing an attacker to cause arbitrary PHP code execution by supplying a crafted URL. The NVD entry documents a base score of 7.5 (HIGH) with network acce...