Vulnerability Details CVE-2007-4435
Multiple SQL injection vulnerabilities in TorrentTrader before 1.07 allow remote attackers to execute arbitrary SQL commands via unspecified parameters to (1) account-inbox.php, (2) account-settings.php, and possibly (3) backend/functions.php.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.013
EPSS Ranking 78.6%
CVSS Severity
CVSS v2 Score 7.5
References
- http://secunia.com/advisories/26504
- http://www.osvdb.org/36598
- http://www.osvdb.org/36599
- http://www.osvdb.org/36600
- http://www.securityfocus.com/bid/25369
- http://www.torrenttrader.org/index.php?showtopic=5776
- http://www.torrenttrader.org/index.php?showtopic=6255
- https://exchange.xforce.ibmcloud.com/vulnerabilities/36119
- http://secunia.com/advisories/26504
- http://www.osvdb.org/36598
- http://www.osvdb.org/36599
- http://www.osvdb.org/36600
- http://www.securityfocus.com/bid/25369
- http://www.torrenttrader.org/index.php?showtopic=5776
- http://www.torrenttrader.org/index.php?showtopic=6255
- https://exchange.xforce.ibmcloud.com/vulnerabilities/36119
Products affected by CVE-2007-4435
-
cpe:2.3:a:torrenttrader:torrenttrader:*