Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports


Toggle filters

1 – 10 of 16 results


CVE-2014-6027

Medium priority
Ignored

Multiple cross-site scripting (XSS) vulnerabilities in TorrentFlux 2.4 allow (1) remote attackers to inject arbitrary web script or HTML by leveraging failure to encode file contents when downloading a torrent file or (2) remote...

1 affected packages

torrentflux

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
torrentflux Not in release Not in release
Show less packages

CVE-2014-6029

Medium priority
Ignored

TorrentFlux 2.4 allows remote authenticated users to delete or modify other users' cookies via the cid parameter in an editCookies action to profile.php.

1 affected packages

torrentflux

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
torrentflux Not in release Not in release
Show less packages

CVE-2014-6028

Medium priority
Ignored

TorrentFlux 2.4 allows remote authenticated users to obtain other users' cookies via the cid parameter in an editCookies action to profile.php.

1 affected packages

torrentflux

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
torrentflux Not in release Not in release
Show less packages

CVE-2008-6585

Medium priority
Ignored

Cross-site request forgery (CSRF) vulnerability in html/admin.php in TorrentFlux 2.3 allows remote attackers to hijack the authentication of administrators for requests that add new accounts via the addUser action.

1 affected packages

torrentflux

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
torrentflux
Show less packages

CVE-2008-6584

Medium priority
Ignored

html/index.php in TorrentFlux 2.3 allows remote authenticated users to execute arbitrary code via a URL with a file containing an executable extension in the url_upload parameter, which is downloaded by TorrentFlux and can be...

1 affected packages

torrentflux

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
torrentflux
Show less packages

CVE-2006-6604

Unknown priority
Fixed

Directory traversal vulnerability in downloaddetails.php in TorrentFlux 2.2 allows remote authenticated users to read arbitrary files via .. (dot dot) sequences in the alias parameter, a different vector than CVE-2006-6328.

1 affected packages

torrentflux

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
torrentflux
Show less packages

CVE-2006-6600

Unknown priority
Fixed

Cross-site scripting (XSS) vulnerability in dir.php in TorrentFlux 2.2, when allows remote attackers to inject arbitrary web script or HTML via double URL-encoded strings in the dir parameter, a related issue to CVE-2006-5609.

1 affected packages

torrentflux

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
torrentflux
Show less packages

CVE-2006-6599

Unknown priority
Fixed

maketorrent.php in TorrentFlux 2.2 allows remote authenticated users to execute arbitrary commands via shell metacharacters (";" semicolon) in the announce parameter.

1 affected packages

torrentflux

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
torrentflux
Show less packages

CVE-2006-6598

Unknown priority
Fixed

Directory traversal vulnerability in viewnfo.php in (1) TorrentFlux before 2.2 and (2) torrentflux-b4rt before 2.1-b4rt-972 allows remote authenticated users to read arbitrary files via .. (dot dot) sequences in the path...

1 affected packages

torrentflux

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
torrentflux
Show less packages

CVE-2006-6331

Unknown priority
Fixed

metaInfo.php in TorrentFlux 2.2, when $cfg["enable_file_priority"] is false, allows remote attackers to execute arbitrary commands via shell metacharacters (backticks) in the torrent parameter to (1) details.php and (2) startpop.php.

1 affected packages

torrentflux

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
torrentflux
Show less packages