RSS   Vulnerabilities for 'VUZE'   RSS

2009-04-03
 
CVE-2008-6587

CWE-352
 

 
Cross-site request forgery (CSRF) vulnerability in index.tmpl in Vuze (formerly Azureus HTML WebUI), probably 0.7.6, allows remote attackers to hijack the authentication of users for requests that force the download of arbitrary torrent files via the upurl parameter.

 

 >>> Vendor: VUZE 2 Products
VUZE
Bittorrent client


Copyright 2019, cxsecurity.com

 

Back to Top