12 matches found
EUVD-2007-5043
Malware in sbrugna...
EUVD-2008-3299
Malware in sbrugna...
Remote file inclusion
PHP remote file inclusion vulnerability in config.php in Adam Scheinberg Flip 3.0 allows remote attackers to execute arbitrary PHP code via a URL in the incpath parameter...
CVE-2008-3311
CVE-2008-3311 concerns a PHP remote file inclusion vulnerability in config.php of Adam Scheinberg Flip 3.0. The issue allows an attacker to cause remote PHP code execution by supplying a URL in the incpath parameter. Public references in the connected documents corroborate PHP RFI as the underlyi...
CVE-2008-3311
PHP remote file inclusion vulnerability in config.php in Adam Scheinberg Flip 3.0 allows remote attackers to execute arbitrary PHP code via a URL in the incpath parameter...
Authentication flaw
account.php in Adam Scheinberg Flip 3.0 and earlier allows remote attackers to create administrative accounts via the un parameter in a register action...
CVE-2007-5063
Adam Scheinberg Flip 3.0 and earlier stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a file containing login credentials via a direct request for var/users.txt...
Improper access control
Adam Scheinberg Flip 3.0 and earlier stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a file containing login credentials via a direct request for var/users.txt...
CVE-2007-5062
account.php in Adam Scheinberg Flip 3.0 and earlier allows remote attackers to create administrative accounts via the un parameter in a register action...
CVE-2007-5062
The CVE-2007-5062 entry relates to the Flip 3.0 (and earlier) web application by Adam Scheinberg, where the vulnerable component is account.php. The underlying issue allows remote attackers to create administrative accounts via the un parameter in a register action, enabling privilege escalation ...
CVE-2007-5063
Adam Scheinberg Flip 3.0 and earlier stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a file containing login credentials via a direct request for var/users.txt...
CVE-2007-5063
CVE-2007-5063 affects Flip 3.0 and earlier, where sensitive information is stored under the web root with insufficient access control. An unauthenticated remote attacker can directly request var/users.txt and download a file containing login credentials. The provided documents do not specify affe...