5 matches found
CVE-2023-41387
A SQL injection in the flutterdownloader component through 1.11.1 for iOS allows remote attackers to steal session tokens and overwrite arbitrary files inside the app's container. The internal database of the framework is exposed to the local user if an app uses UIFileSharingEnabled and...
Sql injection
A SQL injection in the flutterdownloader component through 1.11.1 for iOS allows remote attackers to steal session tokens and overwrite arbitrary files inside the app's container. The internal database of the framework is exposed to the local user if an app uses UIFileSharingEnabled and...
CVE-2023-41387
A SQL injection in the flutterdownloader component through 1.11.1 for iOS allows remote attackers to steal session tokens and overwrite arbitrary files inside the app's container. The internal database of the framework is exposed to the local user if an app uses UIFileSharingEnabled and...
CVE-2023-41387
The vulnerability CVE-2023-41387 affects the Flutter Downloader plugin for iOS (versions 1.11.1 and earlier). The root cause is a SQL injection that enables remote attackers to steal session tokens and overwrite arbitrary files inside the app container by tampering with the framework’s internal d...
CVE-2023-41387
A SQL injection in the flutterdownloader component through 1.11.1 for iOS allows remote attackers to steal session tokens and overwrite arbitrary files inside the app's container. The internal database of the framework is exposed to the local user if an app uses UIFileSharingEnabled and...