4 results (0.004 seconds)

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 2

The Deluge Web-UI is vulnerable to XSS through a crafted torrent file. The the data from torrent files is not properly sanitised as it's interpreted directly as HTML. Someone who supplies the user with a malicious torrent file can execute arbitrary Javascript code in the context of the user's browser session. Deluge Web-UI es vulnerable a un ataque de tipo XSS mediante un archivo torrent diseñado. Los datos de los archivos torrent no son saneados apropiadamente, ya que son interpretados directamente como HTML. • https://dev.deluge-torrent.org/ticket/3459 https://groups.google.com/g/deluge-dev/c/e5zh7wT0rEg https://security.gentoo.org/glsa/202210-07 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0

The WebUI component in Deluge before 1.3.15 contains a directory traversal vulnerability involving a request in which the name of the render file is not associated with any template file. El componente WebUI de Deluge anterior a versión 1.3.15, contiene una vulnerabilidad de salto de directorio que implica una petición en la que el nombre del archivo de renderizado no está asociado a ningún archivo de plantilla. • http://dev.deluge-torrent.org/wiki/ReleaseNotes/1.3.15 http://git.deluge-torrent.org/deluge/commit/?h=1.3-stable&id=41acade01ae88f7b7bbdba308a0886771aa582fd http://www.debian.org/security/2017/dsa-3856 http://www.securityfocus.com/bid/99099 https://bugs.debian.org/862611 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 8.8EPSS: 1%CPEs: 2EXPL: 2

CSRF was discovered in the web UI in Deluge before 1.3.14. The exploitation methodology involves (1) hosting a crafted plugin that executes an arbitrary program from its __init__.py file and (2) causing the victim to download, install, and enable this plugin. CSRF ha sido descubierto en la interfaz web de usuario en Deluge en versiones anteriores a 1.3.14. La metodología de explotación implica (1) alojamiento de un plugin manipulado que ejecuta un programa arbitrario desde el archivo __init__.py y (2) provocando que la victima descargue, instale y habilite este complemento. • https://www.exploit-db.com/exploits/41541 http://dev.deluge-torrent.org/wiki/ReleaseNotes/1.3.14 http://git.deluge-torrent.org/deluge/commit/?h=1.3-stable&id=318ab179865e0707d7945edc3a13a464a108d583 http://git.deluge-torrent.org/deluge/commit/?h=develop&id=11e8957deaf0c76fdfbac62d99c8b6c61cfdddf9 http://seclists.org/fulldisclosure/2017/Mar/6 http://www.debian.org/security/2017/dsa-3856 http://www.securityfocus.com/bid/97041 https://bugs.debian.org/857903 https://security.gentoo.org/glsa/ • CWE-352: Cross-Site Request Forgery (CSRF) •

CVSS: 7.8EPSS: 5%CPEs: 2EXPL: 1

The bdecode_recursive function in include/libtorrent/bencode.hpp in Rasterbar Software libtorrent before 0.12.1, as used in Deluge before 0.5.8.3 and other products, allows context-dependent attackers to cause a denial of service (stack exhaustion and crash) via a crafted bencoded message. La función recursiva bdecode en include/libtorrent/bencode.hpp en Rasterbar Software libtorrent versiones anteriores a 0.12.1, usado en Deluge versiones anteriores a 0.5.8.3 y en otros productos, permite a atacantes según contexto provocar una denegación de servicio (agotamiento de pila y caída) a través de un mensaje bencoded manipulado. • http://deluge-torrent.org/Changelog.php http://libtorrent.svn.sourceforge.net/viewvc/libtorrent/branches/RC_0_12/include/libtorrent/bencode.hpp?r1=956&r2=1968&pathrev=1968 http://libtorrent.svn.sourceforge.net/viewvc/libtorrent/branches/RC_0_12/include/libtorrent/bencode.hpp?view=log&pathrev=1968#rev1968 http://libtorrent.svn.sourceforge.net/viewvc/libtorrent/branches/RC_0_13/include/libtorrent/bencode.hpp?view=log&pathrev=1968 http://libtorrent.svn.sourceforge.net/viewvc/libtorrent/trunk/include/libtorrent/benco • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •