CVE-2014-6027
- EPSS 0.34%
- Veröffentlicht 16.01.2018 19:29:00
- Zuletzt bearbeitet 21.11.2024 02:13:37
Multiple cross-site scripting (XSS) vulnerabilities in TorrentFlux 2.4 allow (1) remote attackers to inject arbitrary web script or HTML by leveraging failure to encode file contents when downloading a torrent file or (2) remote authenticated users t...
- EPSS 0.27%
- Veröffentlicht 05.09.2014 14:55:04
- Zuletzt bearbeitet 12.04.2025 10:46:40
TorrentFlux 2.4 allows remote authenticated users to obtain other users' cookies via the cid parameter in an editCookies action to profile.php.
CVE-2014-6029
- EPSS 0.58%
- Veröffentlicht 05.09.2014 14:55:04
- Zuletzt bearbeitet 12.04.2025 10:46:40
TorrentFlux 2.4 allows remote authenticated users to delete or modify other users' cookies via the cid parameter in an editCookies action to profile.php.
CVE-2008-2020
- EPSS 0.52%
- Veröffentlicht 30.04.2008 01:07:00
- Zuletzt bearbeitet 09.04.2025 00:30:58
The CAPTCHA implementation as used in (1) Francisco Burzi PHP-Nuke 7.0 and 8.1, (2) my123tkShop e-Commerce-Suite (aka 123tkShop) 0.9.1, (3) phpMyBitTorrent 1.2.2, (4) TorrentFlux 2.3, (5) e107 0.7.11, (6) WebZE 0.5.9, (7) Open Media Collectors Databa...