Adam Scheinberg: Security Vulnerabilities
PHP remote file inclusion vulnerability in config.php in Adam Scheinberg Flip 3.0 allows remote attackers to execute arbitrary PHP code via a URL in the incpath parameter.
CVSS Score
7.5
EPSS Score
0.009
Published
2008-07-25
account.php in Adam Scheinberg Flip 3.0 and earlier allows remote attackers to create administrative accounts via the un parameter in a register action.
CVSS Score
7.5
EPSS Score
0.028
Published
2007-09-24
Adam Scheinberg Flip 3.0 and earlier stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a file containing login credentials via a direct request for var/users.txt.
CVSS Score
5.0
EPSS Score
0.028
Published
2007-09-24