Описание
SQL injection in torrents.php in BtitTracker 1.3.2 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) by and (2) order parameters. NOTE: it is not clear whether this issue is exploitable.
SQL injection in torrents.php in BtitTracker 1.3.2 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) by and (2) order parameters. NOTE: it is not clear whether this issue is exploitable.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2006-6972
- https://exchange.xforce.ibmcloud.com/vulnerabilities/27216
- http://attrition.org/pipermail/vim/2006-June/000894.html
- http://pridels0.blogspot.com/2006/06/btittracker-sql-injection-vuln.html
- http://secunia.com/advisories/20753
- http://www.attrition.org/pipermail/vim/2006-June/000890.html
- http://www.osvdb.org/26653
- http://www.securityfocus.com/bid/18549
- http://www.vupen.com/english/advisories/2006/2445
EPSS
Процентиль: 76%
0.0093
Низкий
CVE ID
Связанные уязвимости
nvd
почти 19 лет назад
SQL injection in torrents.php in BtitTracker 1.3.2 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) by and (2) order parameters. NOTE: it is not clear whether this issue is exploitable.
EPSS
Процентиль: 76%
0.0093
Низкий