EUVD-2008-1181

Malware in sbrugna...

Cross site scripting

Cross-site scripting XSS vulnerability in account-inbox.php in TorrentTrader Classic 1.08 allows remote attackers to inject arbitrary web script or HTML via the msg parameter...

Cross site request forgery (csrf)

Cross-site request forgery CSRF vulnerabilities in account-inbox.php in TorrentTrader Classic 1.08 allow remote attackers to perform certain actions as other users, as demonstrated by sending messages...

CVE-2008-1173

Cross-site scripting XSS vulnerability in account-inbox.php in TorrentTrader Classic 1.08 allows remote attackers to inject arbitrary web script or HTML via the msg parameter...

CVE-2008-1172

CVE-2008-1172 describes a Cross-site request forgery (CSRF) vulnerability in the file account-inbox.php of TorrentTrader Classic 1.08. The issue allows remote attackers to perform certain actions as other users, demonstrated by sending messages. This vulnerability arises in the context of the aff...

CVE-2008-1172

Cross-site request forgery CSRF vulnerabilities in account-inbox.php in TorrentTrader Classic 1.08 allow remote attackers to perform certain actions as other users, as demonstrated by sending messages...

Sql injection

Multiple SQL injection vulnerabilities in TorrentTrader before 1.07 allow remote attackers to execute arbitrary SQL commands via unspecified parameters to 1 account-inbox.php, 2 account-settings.php, and possibly 3 backend/functions.php...