Vulnerabilities > CVE-2006-6600 - Cross-Site Scripting vulnerability in TorrentFlux

CVSS 6.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

SINGLE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

torrentflux

NVD

Published: 2006-12-15

Updated: 2008-09-05

Summary

Cross-site scripting (XSS) vulnerability in dir.php in TorrentFlux 2.2, when allows remote attackers to inject arbitrary web script or HTML via double URL-encoded strings in the dir parameter, a related issue to CVE-2006-5609.

Vulnerable Configurations

Part	Description	Count
Application	Torrentflux Torrentflux Torrentflux *	1

References

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=%23400582
http://secunia.com/advisories/23270