3 matches found
TorrentTrader 1.08 - 'msg' Parameter HTML Injection Vulnerability
No description provided by source...
Sql injection
Multiple SQL injection vulnerabilities in TorrentTrader 1.08 Classic allow remote attackers to execute arbitrary SQL commands via the 1 email or 2 wantusername parameter to account-signup.php, or the 3 receiver parameter to account-inbox.php in a msg action...
CVE-2008-2428
TorrentTrader 1.08 Classic is affected by multiple SQL injection vulnerabilities in the PHP/MySQL-based TorrentTrader platform. Specifically, unsanitized input in account-signup.php (parameters email and wantusername) and in account-inbox.php (parameter receiver when msg is set) allows remote SQL...