Lucene search
K

10 matches found

Cvelist
Cvelist
added 2025/11/10 10:17 p.m.7 views

CVE-2025-64519 TorrentPier is Vulnerable to Authenticated SQL Injection through Moderator Control Panel's topic_id parameter

TorrentPier is an open source BitTorrent Public/Private tracker engine, written in php. In versions up to and including 2.8.8, an authenticated SQL injection vulnerability exists in the moderator control panel modcp.php. Users with moderator permissions can exploit this vulnerability by supplying...

8.8CVSS0.00376EPSS
Exploits1References2
EUVD
EUVD
added 2025/11/10 9:30 p.m.5 views

EUVD-2025-50812

TorrentPier is Vulnerable to Authenticated SQL Injection through Moderator Control Panel's topicid parameter...

8.8CVSS7.4AI score0.00376EPSS
Exploits1References3
Github Security Blog
Github Security Blog
added 2025/11/10 9:30 p.m.10 views

TorrentPier is Vulnerable to Authenticated SQL Injection through Moderator Control Panel's topic_id parameter

Summary An authenticated SQL injection vulnerability exists in the moderator control panel modcp.php. Users with moderator permissions can exploit this vulnerability by supplying a malicious topicid t parameter. This allows an authenticated moderator to execute arbitrary SQL queries, leading to t...

8.8CVSS6.1AI score0.00376EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2025/11/10 9:30 p.m.1 views

GHSA-4RWR-8C3M-55F6 TorrentPier is Vulnerable to Authenticated SQL Injection through Moderator Control Panel's topic_id parameter

Summary An authenticated SQL injection vulnerability exists in the moderator control panel modcp.php. Users with moderator permissions can exploit this vulnerability by supplying a malicious topicid t parameter. This allows an authenticated moderator to execute arbitrary SQL queries, leading to t...

8.8CVSS6.1AI score0.00376EPSS
Exploits1References4
NVD
NVD
added 2015/01/02 7:59 p.m.14 views

CVE-2014-9438

Cross-site request forgery CSRF vulnerability in the Moderator Control Panel in vBulletin 4.2.2 allows remote attackers to hijack the authentication of administrators for requests that 1 ban a user via the username parameter in a dobanuser action to modcp/banning.php or 2 unban a user, 3 modify...

6.8CVSS7.1AI score0.01116EPSS
Exploits1References3
Prion
Prion
added 2015/01/02 7:59 p.m.19 views

Cross site request forgery (csrf)

Cross-site request forgery CSRF vulnerability in the Moderator Control Panel in vBulletin 4.2.2 allows remote attackers to hijack the authentication of administrators for requests that 1 ban a user via the username parameter in a dobanuser action to modcp/banning.php or 2 unban a user, 3 modify...

6.8CVSS7.6AI score0.01116EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2015/01/02 7:0 p.m.21 views

CVE-2014-9438

Cross-site request forgery CSRF vulnerability in the Moderator Control Panel in vBulletin 4.2.2 allows remote attackers to hijack the authentication of administrators for requests that 1 ban a user via the username parameter in a dobanuser action to modcp/banning.php or 2 unban a user, 3 modify...

7.1AI score0.01116EPSS
Exploits1References3
CVE
CVE
added 2015/01/02 7:0 p.m.58 views

CVE-2014-9438

CVE-2014-9438 is a CSRF vulnerability in the vBulletin 4.2.2 Moderator Control Panel. The issue allows an attacker to hijack an administrator’s session to perform actions such as banning/unbanning users, modifying user profiles, and approving or editing posts/topics via the modcp interface (e.g.,...

6.8CVSS7.3AI score0.01116EPSS
Exploits1References3Affected Software1
0day.today
0day.today
added 2014/12/20 12:0 a.m.25 views

vBulletin 4.2.2 Moderator Control Panel 4.2.2 CSRF Vulnerability

Exploit for php platform in category web applications This is private exploit. You can buy it at https://0day.today...

7AI score
Exploits0
Packet Storm
Packet Storm
added 2014/12/17 12:0 a.m.38 views

vBulletin Moderator Control Panel 4.2.2 CSRF

Exploit Title: vBulletin Moderator Control Panel CSRF Google Dork: "Powered by vBulletin® Version 4.2.2" Date: 16-12-2014 Exploit Author: Tomescu Daniel http://daniel-tomescu.com https://rstforums.com/forum Vendor Homepage: http://www.vbulletin.com/en/vb4-features/ Software Link: Premium Version:...

0.4AI score
Exploits0
Rows per page
Query Builder