Filtered by vendor Btitracker
Subscribe
Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2006-6972 | 1 Btitracker | 1 Btitracker | 2024-02-04 | 7.5 HIGH | N/A |
SQL injection in torrents.php in BtitTracker 1.3.2 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) by and (2) order parameters. NOTE: it is not clear whether this issue is exploitable. | |||||
CVE-2006-7159 | 2 Bti-tracker, Btitracker | 2 Bti-tracker, Btitracker | 2024-02-04 | 6.4 MEDIUM | N/A |
Directory traversal vulnerability in include/prune_torrents.php in BTI-Tracker 1.3.2 (aka btitracker) allows remote attackers to delete arbitrary files via ".." sequences in the TORRENTSDIR parameter in a prune action. |