Adam Scheinberg » Flip : Security Vulnerabilities, CVEs,
PHP remote file inclusion vulnerability in config.php in Adam Scheinberg Flip 3.0 allows remote attackers to execute arbitrary PHP code via a URL in the incpath parameter.
Max CVSS
7.5
EPSS Score
2.37%
Published
2008-07-25
Updated
2018-10-11
Adam Scheinberg Flip 3.0 and earlier stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a file containing login credentials via a direct request for var/users.txt.
Max CVSS
5.0
EPSS Score
0.80%
Published
2007-09-24
Updated
2017-09-29
account.php in Adam Scheinberg Flip 3.0 and earlier allows remote attackers to create administrative accounts via the un parameter in a register action.
Max CVSS
7.5
EPSS Score
2.27%
Published
2007-09-24
Updated
2017-09-29
3 vulnerabilities found