3 matches found
CVE-2006-5451
Multiple cross-site scripting XSS vulnerabilities in TorrentFlux 2.1 allow remote attackers to inject arbitrary web script or HTML via the 1 action, 2 file, and 3 users array variables in a admin.php, which are not properly handled when the administrator views the Activity Log; and the 4 torrent...
CVE-2006-5451
Multiple cross-site scripting XSS vulnerabilities in TorrentFlux 2.1 allow remote attackers to inject arbitrary web script or HTML via the 1 action, 2 file, and 3 users array variables in a admin.php, which are not properly handled when the administrator views the Activity Log; and the 4 torrent...
CVE-2006-5451
CVE-2006-5451 describes multiple XSS flaws in TorrentFlux 2.1. The vulnerabilities allow remote attackers to inject arbitrary script/HTML via: (1) admin.php parameters (action, file, users array) when viewing the Activity Log, and (2) startpop.php torrent parameter used by displayName. The vector...