Sql injection

2009-03-0618:30:00

PRIOn knowledge base

www.prio-n.com

9.1 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

43.7%

JSON

SQL injection vulnerability in scrape.php in TorrentTrader before 2008-05-13 allows remote attackers to execute arbitrary SQL commands via the info_hash parameter.

CPENameOperatorVersion
torrenttradereq1.7 classic-edition
torrenttradereq1.8 classic-edition
torrenttradereq1.0
torrenttradereq1.6 classic-edition

Name	Operator	Version
torrenttrader	eq	1.7 classic-edition
torrenttrader	eq	1.8 classic-edition
torrenttrader	eq	1.0
torrenttrader	eq	1.6 classic-edition

References

osvdb.org/45858

secunia.com/advisories/30480

sourceforge.net/project/shownotes.php?group_id=98584&release_id=545219

www.securityfocus.com/archive/1/492878/100/0/threaded

www.securityfocus.com/bid/29451

exchange.xforce.ibmcloud.com/vulnerabilities/42785