Torrenttrader: >> Torrenttrader >> 1.07 Security Vulnerabilities
SQL injection vulnerability in scrape.php in TorrentTrader before 2008-05-13 allows remote attackers to execute arbitrary SQL commands via the info_hash parameter.
CVSS Score
7.5
EPSS Score
0.003
Published
2009-03-06
Directory traversal vulnerability in backend/admin-functions.php in TorrentTrader Classic Edition 1.07 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the ss_uri parameter.
CVSS Score
7.5
EPSS Score
0.063
Published
2007-10-09
Cross-site scripting (XSS) vulnerability in TorrentTrader Classic 1.07 allows remote attackers to inject arbitrary web script or HTML via the (1) color parameter to pjirc/css.php and the (2) cat parameter to browse.php.
CVSS Score
4.3
EPSS Score
0.075
Published
2007-10-09
Multiple cross-site scripting (XSS) vulnerabilities in account_settings.php in TorrentTrader 1.07 allow remote attackers to inject arbitrary web script or HTML via the (1) avatar and (2) title parameters.
CVSS Score
2.6
EPSS Score
0.003
Published
2007-09-12