ID de Prueba:	1.3.6.1.4.1.25623.1.0.800522
Categoría:	Web application abuses
Título:	TorrentTrader Classic Multiple Vulnerabilities
Resumen:	TorrentTrader Classic is prone to multiple vulnerabilities.
Descripción:	Summary: TorrentTrader Classic is prone to multiple vulnerabilities. Vulnerability Insight: Multiple flaws due to: improper validation of user-supplied input data to different parameters and Access to the '.php' scripts are not properly restricted. Vulnerability Impact: Successful exploitation will allow attacker to inject and execute arbitrary SQL queries via malicious SQL code, and can gain sensitive information about remote system user credentials and database. Affected Software/OS: TorrentTrader Classic version 1.09 and prior. Solution: Upgrade to TorrentTrader Classic version 2.0.6 or later. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2009-2156 BugTraq ID: 35369 http://www.securityfocus.com/bid/35369 Bugtraq: 20090615 [waraxe-2009-SA#074] - Multiple Vulnerabilities in TorrentTrader Classic 1.09 (Google Search) http://www.securityfocus.com/archive/1/504294/100/0/threaded https://www.exploit-db.com/exploits/8958 http://www.waraxe.us/advisory-74.html http://secunia.com/advisories/35456 XForce ISS Database: torrenttrader-multiplescripts-xss(51145) https://exchange.xforce.ibmcloud.com/vulnerabilities/51145 XForce ISS Database: torrenttrader-viewrequests-xss(51144) https://exchange.xforce.ibmcloud.com/vulnerabilities/51144 Common Vulnerability Exposure (CVE) ID: CVE-2009-2157 XForce ISS Database: torrenttrader-accountinbox-sql-injection(51143) https://exchange.xforce.ibmcloud.com/vulnerabilities/51143 XForce ISS Database: torrenttrader-browse-sql-injection(51142) https://exchange.xforce.ibmcloud.com/vulnerabilities/51142 XForce ISS Database: torrenttrader-choice-sql-injection(51179) https://exchange.xforce.ibmcloud.com/vulnerabilities/51179 XForce ISS Database: torrenttrader-delreq-sql-injection(51178) https://exchange.xforce.ibmcloud.com/vulnerabilities/51178 XForce ISS Database: torrenttrader-modrules-sql-injection(51180) https://exchange.xforce.ibmcloud.com/vulnerabilities/51180 XForce ISS Database: torrenttrader-report-sql-injection(51181) https://exchange.xforce.ibmcloud.com/vulnerabilities/51181 Common Vulnerability Exposure (CVE) ID: CVE-2009-2158 XForce ISS Database: torrenttrader-accountrecover-weak-security(51150) https://exchange.xforce.ibmcloud.com/vulnerabilities/51150 Common Vulnerability Exposure (CVE) ID: CVE-2009-2159 XForce ISS Database: torrenttrader-backupdatabase-info-disc(51147) https://exchange.xforce.ibmcloud.com/vulnerabilities/51147 Common Vulnerability Exposure (CVE) ID: CVE-2009-2160 XForce ISS Database: torrenttrader-check-info-disclosure(51148) https://exchange.xforce.ibmcloud.com/vulnerabilities/51148 XForce ISS Database: torrenttrader-phpinfo-info-disclosure(51149) https://exchange.xforce.ibmcloud.com/vulnerabilities/51149 Common Vulnerability Exposure (CVE) ID: CVE-2009-2161 XForce ISS Database: torrenttrader-ssuri-file-include(51146) https://exchange.xforce.ibmcloud.com/vulnerabilities/51146
Copyright	Copyright (C) 2009 Greenbone Networks GmbH

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.