10 matches found
CVE-2025-64519 TorrentPier is Vulnerable to Authenticated SQL Injection through Moderator Control Panel's topic_id parameter
TorrentPier is an open source BitTorrent Public/Private tracker engine, written in php. In versions up to and including 2.8.8, an authenticated SQL injection vulnerability exists in the moderator control panel modcp.php. Users with moderator permissions can exploit this vulnerability by supplying...
EUVD-2025-50812
TorrentPier is Vulnerable to Authenticated SQL Injection through Moderator Control Panel's topicid parameter...
TorrentPier is Vulnerable to Authenticated SQL Injection through Moderator Control Panel's topic_id parameter
Summary An authenticated SQL injection vulnerability exists in the moderator control panel modcp.php. Users with moderator permissions can exploit this vulnerability by supplying a malicious topicid t parameter. This allows an authenticated moderator to execute arbitrary SQL queries, leading to t...
GHSA-4RWR-8C3M-55F6 TorrentPier is Vulnerable to Authenticated SQL Injection through Moderator Control Panel's topic_id parameter
Summary An authenticated SQL injection vulnerability exists in the moderator control panel modcp.php. Users with moderator permissions can exploit this vulnerability by supplying a malicious topicid t parameter. This allows an authenticated moderator to execute arbitrary SQL queries, leading to t...
CVE-2014-9438
Cross-site request forgery CSRF vulnerability in the Moderator Control Panel in vBulletin 4.2.2 allows remote attackers to hijack the authentication of administrators for requests that 1 ban a user via the username parameter in a dobanuser action to modcp/banning.php or 2 unban a user, 3 modify...
Cross site request forgery (csrf)
Cross-site request forgery CSRF vulnerability in the Moderator Control Panel in vBulletin 4.2.2 allows remote attackers to hijack the authentication of administrators for requests that 1 ban a user via the username parameter in a dobanuser action to modcp/banning.php or 2 unban a user, 3 modify...
CVE-2014-9438
Cross-site request forgery CSRF vulnerability in the Moderator Control Panel in vBulletin 4.2.2 allows remote attackers to hijack the authentication of administrators for requests that 1 ban a user via the username parameter in a dobanuser action to modcp/banning.php or 2 unban a user, 3 modify...
CVE-2014-9438
CVE-2014-9438 is a CSRF vulnerability in the vBulletin 4.2.2 Moderator Control Panel. The issue allows an attacker to hijack an administrator’s session to perform actions such as banning/unbanning users, modifying user profiles, and approving or editing posts/topics via the modcp interface (e.g.,...
vBulletin 4.2.2 Moderator Control Panel 4.2.2 CSRF Vulnerability
Exploit for php platform in category web applications This is private exploit. You can buy it at https://0day.today...
vBulletin Moderator Control Panel 4.2.2 CSRF
Exploit Title: vBulletin Moderator Control Panel CSRF Google Dork: "Powered by vBulletin® Version 4.2.2" Date: 16-12-2014 Exploit Author: Tomescu Daniel http://daniel-tomescu.com https://rstforums.com/forum Vendor Homepage: http://www.vbulletin.com/en/vb4-features/ Software Link: Premium Version:...