3 matches found
CVE-2007-5063
CVE-2007-5063 affects Flip 3.0 and earlier, where sensitive information is stored under the web root with insufficient access control. An unauthenticated remote attacker can directly request var/users.txt and download a file containing login credentials. The provided documents do not specify affe...
CVE-2007-5062
The CVE-2007-5062 entry relates to the Flip 3.0 (and earlier) web application by Adam Scheinberg, where the vulnerable component is account.php. The underlying issue allows remote attackers to create administrative accounts via the un parameter in a register action, enabling privilege escalation ...
CVE-2008-3311
CVE-2008-3311 concerns a PHP remote file inclusion vulnerability in config.php of Adam Scheinberg Flip 3.0. The issue allows an attacker to cause remote PHP code execution by supplying a URL in the incpath parameter. Public references in the connected documents corroborate PHP RFI as the underlyi...