Vulnerabilities > Torrenttrader > Torrenttrader > 1.08
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2009-03-06 | CVE-2008-6418 | SQL Injection vulnerability in Torrenttrader SQL injection vulnerability in scrape.php in TorrentTrader before 2008-05-13 allows remote attackers to execute arbitrary SQL commands via the info_hash parameter. | 7.5 |
2008-03-06 | CVE-2008-1173 | Cross-Site Scripting vulnerability in Torrenttrader and Torrenttrader Classic Cross-site scripting (XSS) vulnerability in account-inbox.php in TorrentTrader Classic 1.08 allows remote attackers to inject arbitrary web script or HTML via the msg parameter. | 4.3 |
2008-03-06 | CVE-2008-1172 | Cross-Site Request Forgery (CSRF) vulnerability in Torrenttrader and Torrenttrader Classic Cross-site request forgery (CSRF) vulnerabilities in account-inbox.php in TorrentTrader Classic 1.08 allow remote attackers to perform certain actions as other users, as demonstrated by sending messages. | 4.3 |