Vulnerabilities > CVE-2006-6599 - Unspecified vulnerability in Torrentflux 2.2
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN torrentflux
exploit available
Summary
maketorrent.php in TorrentFlux 2.2 allows remote authenticated users to execute arbitrary commands via shell metacharacters (";" semicolon) in the announce parameter.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
| description | TorrentFlux 2.2 (maketorrent.php) Remote Command Execution Exploit. CVE-2006-6599. Webapps exploit for php platform |
| file | exploits/php/webapps/2903.pl |
| id | EDB-ID:2903 |
| last seen | 2016-01-31 |
| modified | 2006-12-09 |
| platform | php |
| port | |
| published | 2006-12-09 |
| reporter | r0ut3r |
| source | https://www.exploit-db.com/download/2903/ |
| title | TorrentFlux 2.2 maketorrent.php Remote Command Execution Exploit |
| type | webapps |
References
- http://secunia.com/advisories/23270
- http://secunia.com/advisories/23270
- http://www.securityfocus.com/bid/21526
- http://www.securityfocus.com/bid/21526
- https://exchange.xforce.ibmcloud.com/vulnerabilities/30850
- https://exchange.xforce.ibmcloud.com/vulnerabilities/30850
- https://www.exploit-db.com/exploits/2903
- https://www.exploit-db.com/exploits/2903