Torrenttrader » Torrenttrader Classic » 1.08 : Security Vulnerabilities, CVEs,
Multiple SQL injection vulnerabilities in TorrentTrader 1.08 Classic allow remote attackers to execute arbitrary SQL commands via the (1) email or (2) wantusername parameter to account-signup.php, or the (3) receiver parameter to account-inbox.php in a msg action.
Max CVSS
6.8
EPSS Score
0.40%
Published
2008-06-18
Updated
2018-10-11
Cross-site scripting (XSS) vulnerability in account-inbox.php in TorrentTrader Classic 1.08 allows remote attackers to inject arbitrary web script or HTML via the msg parameter.
Max CVSS
4.3
EPSS Score
0.27%
Published
2008-03-06
Updated
2018-10-11
Cross-site request forgery (CSRF) vulnerabilities in account-inbox.php in TorrentTrader Classic 1.08 allow remote attackers to perform certain actions as other users, as demonstrated by sending messages.
Max CVSS
4.3
EPSS Score
0.15%
Published
2008-03-06
Updated
2018-10-11
3 vulnerabilities found