PHP remote file inclusion vulnerability in config.php in Adam Scheinberg Flip 3.0 allows remote attackers to execute arbitrary PHP code via a URL in the incpath parameter.
Max CVSS
7.5
EPSS Score
2.37%
Published
2008-07-25
Updated
2018-10-11
Adam Scheinberg Flip 3.0 and earlier stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a file containing login credentials via a direct request for var/users.txt.
Max CVSS
5.0
EPSS Score
0.80%
Published
2007-09-24
Updated
2017-09-29
account.php in Adam Scheinberg Flip 3.0 and earlier allows remote attackers to create administrative accounts via the un parameter in a register action.
Max CVSS
7.5
EPSS Score
2.27%
Published
2007-09-24
Updated
2017-09-29
3 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!