Lucene search
K

124 matches found

vulnersOsv
vulnersOsv
added 2022/07/29 10:40 a.m.5 views

flipper-server (>=0.171.1 <=0.212.0), flipper-server-core (>=0.171.1 <=0.212.0) potentially affected by unknown CVE via flipper-server-companion (>=0.171.1 <=0.212.0)

flipper-server-companion NPM version =0.171.1, =0.171.1, =0.171.1, =0.212.0 Source cves: unknown CVE Source advisory: OSV:MAL-2022-3077...

5.8AI score
Exploits0
Snyk
Snyk
added 2022/07/22 8:9 a.m.4 views

Malicious Package

Overview flipper-server-companion is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this...

9.8CVSS7.1AI score
Exploits0References3
Snyk
Snyk
added 2022/06/23 9:25 a.m.3 views

Malicious Package

Overview flipper-frontend-core is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this...

9.8CVSS7AI score
Exploits0References3
OSV
OSV
added 2022/06/20 8:20 p.m.6 views

MAL-2022-2815 Malicious code in eslint-plugin-flipper (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c835c9d5ebe0d48d1da9eb4ea4e3576a5a9185f2cde5c14902164dc7f17d0b8c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2022/06/20 8:20 p.m.2 views

Malicious code in eslint-plugin-flipper (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c835c9d5ebe0d48d1da9eb4ea4e3576a5a9185f2cde5c14902164dc7f17d0b8c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSV
OSV
added 2022/06/20 7:27 a.m.10 views

MAL-2022-3076 Malicious code in flipper-plugin-ribtree (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ed63a783a7e3eed5c4b44fc8a0fac498737e83e6e741d75c8290a18d1b0f4741 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2022/06/20 7:27 a.m.2 views

Malicious code in flipper-plugin-ribtree (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ed63a783a7e3eed5c4b44fc8a0fac498737e83e6e741d75c8290a18d1b0f4741 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2022/05/31 12:58 p.m.4 views

Malicious code in flipper-frontend-core (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 745d70c1af1c5bc8882038e6eac687fd4ce85fa2d6b667c7c5ccef39ce54b877 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
vulnersOsv
vulnersOsv
added 2022/05/31 12:58 p.m.10 views

flipper-server (>=0.171.1 <=0.212.0), flipper-server-companion (>=0.171.0 <=0.212.0) +1 more potentially affected by unknown CVE via flipper-frontend-core (>=0.171.0 <=0.212.0)

flipper-frontend-core NPM version =0.171.0, =0.171.1, =0.171.0, =0.171.1, =0.212.0 Source cves: unknown CVE Source advisory: OSV:MAL-2022-3074...

5.8AI score
Exploits0
Hacker One
Hacker One
added 2019/08/29 2:40 a.m.37 views

BlockDev Sp. Z o.o: Steal ALL collateral during liquidation by exploiting lack of validation in `flip.kick`

Summary: The flip contract allows for the MCD system to auction collateral in exchange for DAI. A lack of validation in the method flip.kick allows an attacker to create an auction with a fake bid value. Since the end contract trusts that value, it can be exploited to issue any amount of free DAI...

1.1AI score
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2018/04/27 12:0 a.m.56 views

JVN#01040170: WordPress plugin "WP Google Map Plugin" vulnerable to cross-site scripting

The WordPress plugin "WP Google Map Plugin" provided by Flipper Code contains a reflected cross-site scripting vulnerability CWE-79. Impact An arbitrary script may be executed on a logged in user's web browser. Solution Update the plugin Update the plugin according to the information provided by...

5.4CVSS5.3AI score0.01066EPSS
Exploits0
hackapp
hackapp
added 2016/04/01 10:17 a.m.6 views

FLIPPER - Dynamic Code Loading, External URLs, Native code usage vulnerabilities

HackApp vulnerability scanner discovered that application FLIPPER published at the 'play' market has multiple vulnerabilities...

0.2AI score
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2007/02/03 12:0 a.m.70 views

Flipper Poll v1.1.0 &#40;poll.php&#41; remote file include vuln

Flipper Poll v1.1.0 poll.php remote file include vuln --------------------------------------------------------------------------------- Found: Cyber-Security cyber-security.org --------------------------------------------------------------------------------- Script Download:...

0.2AI score
Exploits0
seebug.org
seebug.org
added 2007/02/03 12:0 a.m.16 views

Flipper Poll 1.1.0 (poll.php root_path) Remote File Include Vulnerability

No description provided by source. Flipper Poll v1.1.0 poll.php remote file include vuln --------------------------------------------------------------------------------- Found: Cyber-Security cyber-security.org ---------------------------------------------------------------------------------...

7.1AI score
Exploits0
0day.today
0day.today
added 2007/02/02 12:0 a.m.49 views

Flipper Poll 1.1.0 (poll.php root_path) Remote File Include Vulnerability

Exploit for unknown platform in category web applications ========================================================================= Flipper Poll 1.1.0 poll.php rootpath Remote File Include Vulnerability ========================================================================= Flipper Poll v1.1.0...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2007/02/02 12:0 a.m.14 views

Flipper Poll 1.1.0 - poll.php?root_path Remote File Inclusion

Flipper Poll 1.1.0 - poll.php?rootpath Remote File Inclusion Flipper Poll v1.1.0 poll.php remote file include vuln --------------------------------------------------------------------------------- Found: Cyber-Security cyber-security.org...

0.3AI score
Exploits0
Exploit DB
Exploit DB
added 2007/02/02 12:0 a.m.24 views

Flipper Poll 1.1.0 - &#039;poll.php?root_path&#039; Remote File Inclusion

Flipper Poll v1.1.0 poll.php remote file include vuln --------------------------------------------------------------------------------- Found: Cyber-Security cyber-security.org --------------------------------------------------------------------------------- Script Download:...

7.4AI score
Exploits0
NVD
NVD
added 2006/07/21 2:3 p.m.20 views

CVE-2006-3683

PHP remote file inclusion vulnerability in poll.php in Flipper Poll 1.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the rootpath parameter...

7.5CVSS7.6AI score0.04213EPSS
Exploits1References9
Cvelist
Cvelist
added 2006/07/18 9:0 p.m.19 views

CVE-2006-3683

PHP remote file inclusion vulnerability in poll.php in Flipper Poll 1.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the rootpath parameter...

7.6AI score0.04213EPSS
Exploits1References9
CVE
CVE
added 2006/07/18 9:0 p.m.58 views

CVE-2006-3683

CVE-2006-3683 affects Flipper Poll 1.1 and earlier. A PHP remote file inclusion vulnerability exists in poll.php via the root_path parameter, allowing an attacker to cause arbitrary PHP code execution by supplying a crafted URL. The NVD entry documents a base score of 7.5 (HIGH) with network acce...

7.5CVSS7.9AI score0.04213EPSS
Exploits1References9Affected Software1
Rows per page
Query Builder