Описание
metaInfo.php in TorrentFlux 2.2, when $cfg["enable_file_priority"] is false, allows remote attackers to execute arbitrary commands via shell metacharacters (backticks) in the torrent parameter to (1) details.php and (2) startpop.php.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | released | 2.1-7 |
| edgy | released | 2.1-1ubuntu0.2 |
| feisty | released | 2.1-7 |
| gutsy | released | 2.1-7 |
| upstream | needs-triage |
Показывать по
Ссылки на источники
EPSS
6 Medium
CVSS2
Связанные уязвимости
metaInfo.php in TorrentFlux 2.2, when $cfg["enable_file_priority"] is false, allows remote attackers to execute arbitrary commands via shell metacharacters (backticks) in the torrent parameter to (1) details.php and (2) startpop.php.
metaInfo.php in TorrentFlux 2.2, when $cfg["enable_file_priority"] is ...
metaInfo.php in TorrentFlux 2.2, when $cfg["enable_file_priority"] is false, allows remote attackers to execute arbitrary commands via shell metacharacters (backticks) in the torrent parameter to (1) details.php and (2) startpop.php.
EPSS
6 Medium
CVSS2