Multiple SQL injection vulnerabilities in RivetTracker 1.03 and earlier allow remote attackers to execute arbitrary SQL commands via the hash parameter to (1) dltorrent.php or (2) torrent_functions.php.
Max CVSS
7.5
EPSS Score
0.97%
Published
2012-09-19
Updated
2017-08-29
torrent_functions.php in RivetTracker 1.03 and earlier does not properly restrict access, which allows remote attackers to have an unspecified impact.
Max CVSS
7.5
EPSS Score
0.64%
Published
2012-09-19
Updated
2012-09-21
RivetTracker before 1.0 stores passwords in cleartext in config.php, which allows local users to discover passwords by reading config.php.
Max CVSS
2.1
EPSS Score
0.04%
Published
2009-09-11
Updated
2009-09-11
3 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!