Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8
CVE-2025-64519
- EPSS 0.04%
- Veröffentlicht 10.11.2025 22:17:31
- Zuletzt bearbeitet 31.12.2025 17:55:04
TorrentPier is an open source BitTorrent Public/Private tracker engine, written in php. In versions up to and including 2.8.8, an authenticated SQL injection vulnerability exists in the moderator control panel (`modcp.php`). Users with moderator perm...
9.8
CVE-2024-40624
- EPSS 0.25%
- Veröffentlicht 15.07.2024 20:15:04
- Zuletzt bearbeitet 21.11.2024 09:31:23
TorrentPier is an open source BitTorrent Public/Private tracker engine, written in php. In `torrentpier/library/includes/functions.php`, `get_tracks()` uses the unsafe native PHP serialization format to deserialize user-controlled cookies. One can us...
9.8
CVE-2024-1651
- EPSS 77.8%
- Veröffentlicht 20.02.2024 00:15:14
- Zuletzt bearbeitet 12.02.2025 17:26:55
Torrentpier version 2.4.1 allows executing arbitrary commands on the server. This is possible because the application is vulnerable to insecure deserialization.
1