CVE-2007-5063 : Adam Scheinberg Flip 3.0 and earlier stores sensitive information under the web

Adam Scheinberg Flip 3.0 and earlier stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a file containing login credentials via a direct request for var/users.txt.

Published 2007-09-24 22:17:00

Updated 2025-04-09 00:30:58

Source MITRE

View at NVD, CVE.org

Products affected by CVE-2007-5063

Adam Scheinberg » Flip
Versions up to, including, (<=) 3.0
cpe:2.3:a:adam_scheinberg:flip:*:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2007-5063

EPSS FAQ

2.79%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 85 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2007-5063

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
5.0	MEDIUM	AV:N/AC:L/Au:N/C:P/I:N/A:N	10.0	2.9	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: Partial Integrity Impact: None Availability Impact: None

CWE ids for CVE-2007-5063

CWE-255

Assigned by: nvd@nist.gov (Primary)

References for CVE-2007-5063

Jump to

Vulnerability Details : CVE-2007-5063

Products affected by CVE-2007-5063

Exploit prediction scoring system (EPSS) score for CVE-2007-5063

CVSS scores for CVE-2007-5063

CWE ids for CVE-2007-5063

References for CVE-2007-5063