Sql injection

2008-08-2614:41:00

PRIOn knowledge base

www.prio-n.com

9.1 High

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

72.9%

JSON

SQL injection vulnerability in scrape.php in BtiTracker 1.4.7 and earlier and xBtiTracker 2.0.542 and earlier allows remote attackers to execute arbitrary SQL commands via the info_hash parameter.

CPENameOperatorVersion
btitrackerle1.4.7
xbtitrackerle2.0.542

CPE	Name	Operator	Version
	btitracker	le	1.4.7
	xbtitracker	le	2.0.542

References

secunia.com/advisories/31556

securityreason.com/securityalert/4186

www.btiteam.org/

www.btiteam.org/smf/index.php?topic=12068

www.securityfocus.com/bid/30811

exchange.xforce.ibmcloud.com/vulnerabilities/44627

www.exploit-db.com/exploits/6296