CVSS: 4.9EPSS: 0%CPEs: 1EXPL: 1CVE-2006-6328 – torrentflux 2.2 - Arbitrary File Create/ Execute/Delete
https://notcve.org/view.php?id=CVE-2006-6328
Directory traversal vulnerability in index.php for TorrentFlux 2.2 allows remote attackers to create or overwrite arbitrary files via sequences in the alias_file parameter. Vulnerabilidad de salto de directorio en index.php para TorrentFlux 2.2 permite a atacantes remotos crear o sobrescribir ficheros de su elección mediante secuencias en el parámetro alias_file. • https://www.exploit-db.com/exploits/2786 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=%23400582 http://secunia.com/advisories/22880 •
CVSS: 6.0EPSS: 0%CPEs: 1EXPL: 1CVE-2006-6330 – torrentflux 2.2 - Arbitrary File Create/ Execute/Delete
https://notcve.org/view.php?id=CVE-2006-6330
index.php for TorrentFlux 2.2 allows remote registered users to execute arbitrary commands via shell metacharacters in the kill parameter. index.php para TorrentFlux 2.2 permite a usuarios remotos registrados ejecutar comandos de su elección mediante meta caracteres de linea de comandos (shell) en el parámetro kill. • https://www.exploit-db.com/exploits/2786 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=%23400582 http://secunia.com/advisories/22880 •
CVSS: 4.9EPSS: 0%CPEs: 1EXPL: 1CVE-2006-6329 – torrentflux 2.2 - Arbitrary File Create/ Execute/Delete
https://notcve.org/view.php?id=CVE-2006-6329
index.php for TorrentFlux 2.2 allows remote attackers to delete files by specifying the target filename in the delfile parameter. index.php para TorrentFlux 2.2 permite a atacantes remotos borrar ficheros especificando el nombre del fichero objetivo en el parámetro delfile. • https://www.exploit-db.com/exploits/2786 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=%23400582 http://secunia.com/advisories/22880 •