Summary
This host is running TorrentTrader Classic and is prone to multiple vulnerabilities.
Impact
Successful exploitation will allow attacker to inject and execute arbitrary SQL queries via malicious SQL code, and can gain sensitive information about remote system user credentials and database.
Impact level: Application/System
Solution
Upgrade to TorrentTrader Classic version 2.0.6 or later For updates refer to http://sourceforge.net/projects/torrenttrader
Insight
Multiple flaws due to,improper validation of user-supplied input data to different parametes and Access to the '.php' scripts are not properly restricted.
Affected
TorrentTrader Classic version 1.09 and prior.
References
Severity
Classification
-
CVE CVE-2009-2156, CVE-2009-2157, CVE-2009-2158, CVE-2009-2159, CVE-2009-2160, CVE-2009-2161 -
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities