CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2009-2101

Directory traversal vulnerability in archive.php in TorrentVolve 1.4, when register_globals is enabled, allows remote attackers to delete arbitrary files via a .. (dot dot) in the deleteTorrent parameter.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.011

EPSS Ranking 77.6%

CVSS Severity

CVSS v2 Score 6.8

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/51088
https://www.exploit-db.com/exploits/8931
https://exchange.xforce.ibmcloud.com/vulnerabilities/51088
https://www.exploit-db.com/exploits/8931

Products affected by CVE-2009-2101

Castro Xl » Torrentvolve » Version: 1.4

cpe:2.3:a:castro_xl:torrentvolve:1.4

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2009-2101

Products

Pricing

Contact Us