4 matches found
CVE-2006-6331
metaInfo.php in TorrentFlux 2.2, when $cfg"enablefilepriority" is false, allows remote attackers to execute arbitrary commands via shell metacharacters backticks in the torrent parameter to 1 details.php and 2 startpop.php...
CVE-2006-5451
Multiple cross-site scripting XSS vulnerabilities in TorrentFlux 2.1 allow remote attackers to inject arbitrary web script or HTML via the 1 action, 2 file, and 3 users array variables in a admin.php, which are not properly handled when the administrator views the Activity Log; and the 4 torrent...
CVE-2006-5451
Multiple cross-site scripting XSS vulnerabilities in TorrentFlux 2.1 allow remote attackers to inject arbitrary web script or HTML via the 1 action, 2 file, and 3 users array variables in a admin.php, which are not properly handled when the administrator views the Activity Log; and the 4 torrent...
CVE-2006-5451
CVE-2006-5451 describes multiple XSS flaws in TorrentFlux 2.1. The vulnerabilities allow remote attackers to inject arbitrary script/HTML via: (1) admin.php parameters (action, file, users array) when viewing the Activity Log, and (2) startpop.php torrent parameter used by displayName. The vector...