CVE-2023-41387

A SQL injection in the flutterdownloader component through 1.11.1 for iOS allows remote attackers to steal session tokens and overwrite arbitrary files inside the app's container. The internal database of the framework is exposed to the local user if an app uses UIFileSharingEnabled and...

CVE-2023-41387

A SQL injection in the flutterdownloader component through 1.11.1 for iOS allows remote attackers to steal session tokens and overwrite arbitrary files inside the app's container. The internal database of the framework is exposed to the local user if an app uses UIFileSharingEnabled and...

Flutter Downloader SQL Injection Vulnerability

Flutter Downloader is a plugin for creating and managing download tasks. A security vulnerability exists in Flutter Downloader version 1.11.1 iOS, which stems from the fact that if the application uses the UIFileSharingEnabled and LSSupportsOpeningDocumentsInPlace attributes, the framework's...

PT-2023-27938 · Unknown · Flutter Downloader

Name of the Vulnerable Software and Affected Versions: flutter downloader versions 1.11.1 and earlier Description: A SQL injection in the flutter downloader component allows remote attackers to steal session tokens and overwrite arbitrary files inside the app's container. The internal database of...