CVE Tools

torrentflux

Unclassifiedunknown

13

Cumulative CVEs

3

Monthly snapshots

#12

Peak rank

Top products

Latest CVEs

The 13 most recently published vulnerabilities affecting torrentflux.

CVE-2008-6585Cross-site request forgery (CSRF) vulnerability in html/admin.php in TorrentFlux 2.3 allows remote attackers to hijack the authentication of administrators for requests that add new accounts via th...6.8Apr 3, 2009
CVE-2008-6584html/index.php in TorrentFlux 2.3 allows remote authenticated users to execute arbitrary code via a URL with a file containing an executable extension in the url_upload parameter, which is download...6.0Apr 3, 2009
CVE-2006-6604Directory traversal vulnerability in downloaddetails.php in TorrentFlux 2.2 allows remote authenticated users to read arbitrary files via .. (dot dot) sequences in the alias parameter, a different ...6.5Dec 15, 2006
CVE-2006-6600Cross-site scripting (XSS) vulnerability in dir.php in TorrentFlux 2.2, when allows remote attackers to inject arbitrary web script or HTML via double URL-encoded strings in the dir parameter, a re...6.0Dec 15, 2006
CVE-2006-6599maketorrent.php in TorrentFlux 2.2 allows remote authenticated users to execute arbitrary commands via shell metacharacters (";" semicolon) in the announce parameter.6.0Dec 15, 2006
CVE-2006-6598Directory traversal vulnerability in viewnfo.php in (1) TorrentFlux before 2.2 and (2) torrentflux-b4rt before 2.1-b4rt-972 allows remote authenticated users to read arbitrary files via .. (dot dot...6.5Dec 15, 2006
CVE-2006-6331metaInfo.php in TorrentFlux 2.2, when $cfg["enable_file_priority"] is false, allows remote attackers to execute arbitrary commands via shell metacharacters (backticks) in the torrent parameter to (...6.0Dec 6, 2006
CVE-2006-6330index.php for TorrentFlux 2.2 allows remote registered users to execute arbitrary commands via shell metacharacters in the kill parameter.6.0Dec 6, 2006
CVE-2006-6329index.php for TorrentFlux 2.2 allows remote attackers to delete files by specifying the target filename in the delfile parameter.4.9Dec 6, 2006
CVE-2006-6328Directory traversal vulnerability in index.php for TorrentFlux 2.2 allows remote attackers to create or overwrite arbitrary files via sequences in the alias_file parameter.4.9Dec 6, 2006
CVE-2006-5609Directory traversal vulnerability in dir.php in TorrentFlux 2.1 allows remote attackers to list arbitrary directories via "\.\./" sequences in the dir parameter.5.0Oct 30, 2006
CVE-2006-5451Multiple cross-site scripting (XSS) vulnerabilities in TorrentFlux 2.1 allow remote attackers to inject arbitrary web script or HTML via the (1) action, (2) file, and (3) users array variables in (...2.6Oct 23, 2006
CVE-2006-5227Cross-site scripting (XSS) vulnerability in admin.php in TorrentFlux 2.1 allows remote attackers to inject arbitrary web script or HTML via (1) the $user_agent variable, probably obtained from the ...6.8Oct 10, 2006