RSS   Vulnerabilities for 'Ktorrent'   RSS

2009-01-15
 
CVE-2008-5906

CWE-20
 

 
Eval injection vulnerability in the web interface plugin in KTorrent before 3.1.4 allows remote attackers to execute arbitrary PHP code via unspecified parameters to this interface's PHP scripts.

 
 
CVE-2008-5905

CWE-264
 

 
The web interface plugin in KTorrent before 3.1.4 allows remote attackers to bypass intended access restrictions and upload arbitrary torrent files, and trigger the start of downloads and seeding, via a crafted HTTP POST request.

 


Copyright 2024, cxsecurity.com

 

Back to Top