Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
torrenttrader torrenttrader classic 1.09 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2009-2156
Multiple cross-site scripting (XSS) vulnerabilities in TorrentTrader Classic 1.09 allow remote authenticated users to inject arbitrary web script or HTML via (1) the Title field to requests.php, related to viewrequests.php; and (2) the Torrent Name field to torrents-upload.php, r...
Torrenttrader Torrenttrader Classic 1.09
1 EDB exploit
NA
CVE-2009-2157
Multiple SQL injection vulnerabilities in TorrentTrader Classic 1.09 allow remote authenticated users to execute arbitrary SQL commands via (1) the origmsg parameter to account-inbox.php; the categ parameter to (2) delreq.php and (3) admin-delreq.php; (4) the choice parameter to ...
Torrenttrader Torrenttrader Classic 1.09
1 EDB exploit
NA
CVE-2009-2159
backup-database.php in TorrentTrader Classic 1.09 does not require administrative authentication, which allows remote malicious users to create and download a backup database by making a direct request and then retrieving a .gz file from backups/.
Torrenttrader Torrenttrader Classic 1.09
1 EDB exploit
NA
CVE-2009-2160
TorrentTrader Classic 1.09 allows remote malicious users to (1) obtain configuration information via a direct request to phpinfo.php, which calls the phpinfo function; and allows remote malicious users to (2) obtain other potentially sensitive information via a direct request to ...
Torrenttrader Torrenttrader Classic 1.09
1 EDB exploit
NA
CVE-2009-2161
Directory traversal vulnerability in backend/admin-functions.php in TorrentTrader Classic 1.09, when used on a case-insensitive web site, allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the ss_uri parameter, in conjunction with a m...
Torrenttrader Torrenttrader Classic 1.09
1 EDB exploit
7.5
CVSSv3
CVE-2009-2158
account-recover.php in TorrentTrader Classic 1.09 chooses random passwords from an insufficiently large set, which makes it easier for remote malicious users to obtain a password via a brute-force attack.
Torrenttrader Project Torrenttrader 1.09
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-22120
CVE-2024-35921
CVE-2024-35874
brute force
CVE-2024-36080
unprivileged
CVE-2024-35917
IDOR
CVE-2024-4947
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started