Paper on poisoning a torrent's peer swarm with large numbers of fake peers, including proof of concept code. Works on most trackers. Could possibly be adapted to perform a reflected denial of service (DRDoS) on a target.
9ef8fa4913dfc7ea605f7ff92cc9b58d17bb8847b4e976ba538c2d898c68c01eTorrent iPod Video Converter version 1.51 suffers from a stack overflow vulnerability.
6841f495b852501a439f794e6afd2782a70855697efd15cadc9802173a931e21Torrent 3GP Converter version 1.51 suffers from a stack overflow vulnerability.
0a6bf57e311da6213ff5f4ff1f5e598ded42f0dd078d113f7b8f6fe9042d668bTorrent FLV Converter version 1.51 Build 117 suffers from a stack overflow vulnerability.
4c9f73fd027f78ea445632f6526334adbb2e12d4db21f42bb9ede94a818fc8bbTorrent-Stats suffers from a denial of service vulnerability in httpd.c.
800bc0f63fdba947738b01388e1c4834532ab1fc95c5b2912e467da4293d8011Torrent DVD Creator DLL hijacking exploit.
3250a346dcdce2e6dfeed0577e061da35d7711bf2f1b74278e2934e35ef7fb95Torrent Hoster suffers from cross site scripting and shell upload vulnerabilities.
d561d9c57c4c45153f35b831159f2adc36530ceae6b48149640597bf2a53c274TorrentVolve version 1.4 suffers from an arbitrary file deletion vulnerability.
669624fda8d98361ab647d071d3ab13e5bb6c07000717bb5f7f1d45b87e8d58bTorrentTrader Classic versions 1.04 and below blind SQL injection exploit.
619fb4cce3382e6c5f396f613b1dd1e9010815ad0632b174c54e05122836e6cdTorrent Trader Classic versions 1.08 and below suffer from a SQL injection vulnerability.
c2f73139f5eae1370ad4924edbad0a721885c8788ef74ca1534053ea45ef4bb3uTorrent, Azurues, and TorrentFlux all suffer from cross site request forgery vulnerabilities in their WebUI functionality.
0c77874a8b315936bd78c690d6f9b19703cbc2bb9b80c1c2a0634de438d0f593TorrentTrader Classic version 1.08 suffers from cross site scripting and cross site request forgery vulnerabilities.
b3da5c9e4f961ebc206e4980fc7cbcfd036ae4397c52cb3e760ef9109be214edTorrentTrader Classic version 1.07 suffers from local file inclusion and cross site scripting vulnerabilities.
9184716dfb3f500eb8b9882cdb3a250cf278fe5bdf7a5f7dfbaa1a87102f33a8TorrentFlux version 2.2 suffers from arbitrary file creation/deletion/overwrite as well as a command execution vulnerability.
5e9b1feeb64e4868fc0e0c12fdfe8661b4b35e3c0e503ba2625406fba125de59TorrentFlux 2.1 doesn't properly sanitize user input passed via the "dir" GET variable thus allowing anyone to get a list of files anywhere on the system.
82396ecba330189442653cc67928c3cf56d83a210ab195d99c98ba811df0d958Data passed to the users array is not properly sanitized before being used. This can be exploited to insert arbitrary HTML and script code, which will be executed in an administrators browser session in context of an affected site when the Activity Log is viewed.
cc67de8d3167145440b4ed145030b423dd22807da9517ae0f71cfb1c16061d66Input passed to the file variable is not properly sanitized before being used. This can be exploited to insert arbitrary HTML and script code, which will be executed in an administrators browser session in context of an affected site when the Activity Log is viewed. An example is attempting to login with an incorrect username or password. Where the username field of /login.php contains the arbitrary code.
9aa26d8519a316bcf4e01169b7db8644df7dfeb5b855c28b4f3f0a3526069f81Input passed to the action variable is not properly sanitized before being used. This can be exploited to insert arbitrary HTML and script code, which will be executed in an administrators browser session in context of an affected site when the Activity Log is viewed.
a6102b2fa441bfbc1fcb269869a3b548e081841bdfd6312411c60a6b99c6e401Input passed to the "torrent" field of a GET Request is not properly sanitized before being used. This can be exploited to insert arbitrary HTML and script code, which will be executed in an users browser session in context of an affected site if a user clicks on a malicious link.
6a6b34ce2afcfa0432decb731a485ffde68dda4a0bce0e1f03541dbea8424bcdTorrentflux version 2.1 suffers from a cross site scripting condition using the User-Agent as an attack vector.
0f07a88c880c17dce4534f254853cd0093f594d4d3c8c9cae9c901af8406bba9Torrential version 1.2 is susceptible to directory traversal attacks.
c7bf8e3081823b5976ffb184e97f79a21ce20602f215062939de5c7fbd892b2eProof of concept PHP exploit that makes use of a SQL injection vulnerability in TorrentTrader version 1.0 RC2.
9dce80108f836bd4eddb0de491a4df30d5452b7e1a68e5c6138b0452f93c7280
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Subscribe to an RSS Feed