Torrentflux@2.4 Security Vulnerabilities and Issues — Torrentflux@2.4 CVE List

Lucene search

Torrentflux ProjectTorrentflux2.4

3 matches found

CVE•added 2014/09/05 2:55 p.m.•36 views

CVE-2014-6029

TorrentFlux 2.4 allows remote authenticated users to delete or modify other users' cookies via the cid parameter in an editCookies action to profile.php.

4.9CVSS6.4AI score0.00577EPSS

CVE•added 2014/09/05 2:55 p.m.•29 views

CVE-2014-6028

TorrentFlux 2.4 allows remote authenticated users to obtain other users' cookies via the cid parameter in an editCookies action to profile.php.

4CVSS6.3AI score0.00265EPSS

CVE•added 2018/01/16 7:29 p.m.•26 views

CVE-2014-6027

Multiple cross-site scripting (XSS) vulnerabilities in TorrentFlux 2.4 allow (1) remote attackers to inject arbitrary web script or HTML by leveraging failure to encode file contents when downloading a torrent file or (2) remote authenticated users to inject arbitrary web script or HTML via vectors...

6.1CVSS5.7AI score0.00343EPSS