ID CVE-2008-6418
Type cve
Reporter NVD
Modified 2017-08-16T21:29:16
Description
SQL injection vulnerability in scrape.php in TorrentTrader before 2008-05-13 allows remote attackers to execute arbitrary SQL commands via the info_hash parameter.
{"id": "CVE-2008-6418", "bulletinFamily": "NVD", "title": "CVE-2008-6418", "description": "SQL injection vulnerability in scrape.php in TorrentTrader before 2008-05-13 allows remote attackers to execute arbitrary SQL commands via the info_hash parameter.", "published": "2009-03-06T13:30:00", "modified": "2017-08-16T21:29:16", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6418", "reporter": "NVD", "references": ["http://sourceforge.net/project/shownotes.php?group_id=98584&release_id=545219", "https://exchange.xforce.ibmcloud.com/vulnerabilities/42785", "http://www.securityfocus.com/archive/1/archive/1/492878/100/0/threaded", "http://www.securityfocus.com/bid/29451"], "cvelist": ["CVE-2008-6418"], "type": "cve", "lastseen": "2017-08-17T11:14:04", "history": [{"bulletin": {"assessment": {"href": "", "name": "", "system": ""}, "bulletinFamily": "NVD", "cpe": ["cpe:/a:torrenttrader:torrenttrader:1.06::classic_edition", "cpe:/a:torrenttrader:torrenttrader:1.08::classic_edition", "cpe:/a:torrenttrader:torrenttrader:1.07::classic_edition", "cpe:/a:torrenttrader:torrenttrader:1.0"], "cvelist": ["CVE-2008-6418"], "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "description": "SQL injection vulnerability in scrape.php in TorrentTrader before 2008-05-13 allows remote attackers to execute arbitrary SQL commands via the info_hash parameter.", "edition": 1, "enchantments": {}, "hash": "263e9fc8a6ad33379305d1543db1c03610a681cedffabc0d276ad626b5716b7f", "hashmap": [{"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "scanner"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "reporter"}, {"hash": "539f668c72179b5d692c7deffadbefa8", "key": "cvelist"}, {"hash": "6d3f4796275bb54c21a33b82f399cc6d", "key": "assessment"}, {"hash": "e5d275b3ebd62646b78320753699e02e", "key": "cvss"}, {"hash": "3121c35c1a608663e609933fb0216474", "key": "references"}, {"hash": "4a658672c9c3dbf459b2c5131be11cb9", "key": "published"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "aa3ccdf452613afffabca08d3b9e1dcc", "key": "modified"}, {"hash": "93837f1094ced4d35d057f3f4f79a87d", "key": "href"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "5c692cef3a7abe87e5ca5f8eaf0bf9b6", "key": "title"}, {"hash": "9e39e3989cb2a10ab32964ece0c3327d", "key": "description"}, {"hash": "c8d27b4ea21521e3e08eeaa3923600c6", "key": "cpe"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6418", "id": "CVE-2008-6418", "lastseen": "2016-09-03T11:41:11", "modified": "2009-04-14T01:40:42", "objectVersion": "1.2", "published": "2009-03-06T13:30:00", "references": ["http://sourceforge.net/project/shownotes.php?group_id=98584&release_id=545219", "http://www.securityfocus.com/archive/1/archive/1/492878/100/0/threaded", "http://www.securityfocus.com/bid/29451", "http://xforce.iss.net/xforce/xfdb/42785"], "reporter": "NVD", "scanner": [], "title": "CVE-2008-6418", "type": "cve", "viewCount": 0}, "differentElements": ["references", "modified"], "edition": 1, "lastseen": "2016-09-03T11:41:11"}], "edition": 2, "hashmap": [{"key": "assessment", "hash": "6d3f4796275bb54c21a33b82f399cc6d"}, {"key": "bulletinFamily", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "cpe", "hash": "c8d27b4ea21521e3e08eeaa3923600c6"}, {"key": "cvelist", "hash": "539f668c72179b5d692c7deffadbefa8"}, {"key": "cvss", "hash": "e5d275b3ebd62646b78320753699e02e"}, {"key": "description", "hash": "9e39e3989cb2a10ab32964ece0c3327d"}, {"key": "href", "hash": "93837f1094ced4d35d057f3f4f79a87d"}, {"key": "modified", "hash": "a3efde81ab8c330adf0ed46f407ea958"}, {"key": "published", "hash": "4a658672c9c3dbf459b2c5131be11cb9"}, {"key": "references", "hash": "700e1f7433c7cef5a09f332ab3117940"}, {"key": "reporter", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "scanner", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "title", "hash": "5c692cef3a7abe87e5ca5f8eaf0bf9b6"}, {"key": "type", "hash": "1716b5fcbb7121af74efdc153d0166c5"}], "hash": "c63cd42595eb6c5ccf542a49e9bdd5b4940b61e1fda7a355062fc2862573677f", "viewCount": 0, "enchantments": {"vulnersScore": 7.5}, "objectVersion": "1.3", "cpe": ["cpe:/a:torrenttrader:torrenttrader:1.06::classic_edition", "cpe:/a:torrenttrader:torrenttrader:1.08::classic_edition", "cpe:/a:torrenttrader:torrenttrader:1.07::classic_edition", "cpe:/a:torrenttrader:torrenttrader:1.0"], "assessment": {"href": "", "name": "", "system": ""}, "scanner": []}
{"result": {"exploitdb": [{"id": "EDB-ID:31866", "type": "exploitdb", "title": "TorrentTrader Classic 1.x - 'scrape.php' SQL Injection Vulnerability", "description": "TorrentTrader Classic 1.x 'scrape.php' SQL Injection Vulnerability. CVE-2008-6418. Webapps exploit for php platform", "published": "2008-05-31T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.exploit-db.com/exploits/31866/", "cvelist": ["CVE-2008-6418"], "lastseen": "2016-02-03T15:39:53"}]}}