58 matches found
EUVD-2007-5291
Malware in sbrugna...
EUVD-2007-5292
Malware in sbrugna...
EUVD-2008-4475
Malware in sbrugna...
EUVD-2008-1181
Malware in sbrugna...
EUVD-2008-1182
Malware in sbrugna...
EUVD-2009-2155
Malware in sbrugna...
EUVD-2009-2152
Malware in sbrugna...
EUVD-2009-2153
Malware in sbrugna...
EUVD-2009-2156
Malware in sbrugna...
TorrentTrader Classic 1.x - 'scrape.php' SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/29451/info TorrentTrader Classic is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to...
TorrentTrader Classic <= 1.04 - Blind SQL Injection Vulnerability
No description provided by source. ====================================================== == TorrentTrader Classic = 1.04 Blind SQL Injection Exploit ====================================================== == NamE : TorrentTrader Classic == version : 1.04 == Download : www.torrenttrader.org...
TorrentTrader Classic Version Detection
This script detects the installed version of TorrentTrader Classic. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
TorrentTrader Classic Multiple Vulnerabilities
TorrentTrader Classic is prone to multiple vulnerabilities. Copyright C 2009 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...
CVE-2009-2161
Directory traversal vulnerability in backend/admin-functions.php in TorrentTrader Classic 1.09, when used on a case-insensitive web site, allows remote attackers to include and execute arbitrary local files via a .. dot dot in the ssuri parameter, in conjunction with a modified component name...
CVE-2009-2160
TorrentTrader Classic 1.09 allows remote attackers to 1 obtain configuration information via a direct request to phpinfo.php, which calls the phpinfo function; and allows remote attackers to 2 obtain other potentially sensitive information via a direct request to check.php...
CVE-2009-2159
backup-database.php in TorrentTrader Classic 1.09 does not require administrative authentication, which allows remote attackers to create and download a backup database by making a direct request and then retrieving a .gz file from backups/...
CVE-2009-2157
Multiple SQL injection vulnerabilities in TorrentTrader Classic 1.09 allow remote authenticated users to execute arbitrary SQL commands via 1 the origmsg parameter to account-inbox.php; the categ parameter to 2 delreq.php and 3 admin-delreq.php; 4 the choice parameter to index.php; 5 the id...
CVE-2009-2156
Multiple cross-site scripting XSS vulnerabilities in TorrentTrader Classic 1.09 allow remote authenticated users to inject arbitrary web script or HTML via 1 the Title field to requests.php, related to viewrequests.php; and 2 the Torrent Name field to torrents-upload.php, related to the logging o...
Default credentials
account-recover.php in TorrentTrader Classic 1.09 chooses random passwords from an insufficiently large set, which makes it easier for remote attackers to obtain a password via a brute-force attack...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in TorrentTrader Classic 1.09 allow remote authenticated users to inject arbitrary web script or HTML via 1 the Title field to requests.php, related to viewrequests.php; and 2 the Torrent Name field to torrents-upload.php, related to the logging o...