Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-4494

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2008-4494
Last Modified 17 Feb 2009 01:52:07
Published 08 Oct 2008 08:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-4494

Summary

SQL injection vulnerability in completed-advance.php in TorrentTrader Classic 1.08 and 1.04 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.

Vulnerable Systems

Application

  • Torrenttrader 1.04

  • Torrenttrader 1.08


References

XF - torrenttrader-id-sql-injection(45728)

BID - 31626

MILW0RM - 6698

SREASON - 4375

SECUNIA - 32118


Last Updated: 27 May 2016 10:48:31