CVE search results

1 – 5 of 5 results

Detailed view

Sort by:

CVE-2008-5906

Medium priority

Some fixes available 3 of 4

Eval injection vulnerability in the web interface plugin in KTorrent before 3.1.4 allows remote attackers to execute arbitrary PHP code via unspecified parameters to this interface's PHP scripts.

3 affected packages

ktorrent, ktorrent-kde4, ktorrent2.2

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
ktorrent	—	—	—	—	—
ktorrent-kde4	—	—	—	—	—
ktorrent2.2	—	—	—	—	—

CVE-2008-5905

Medium priority

Some fixes available 3 of 4

The web interface plugin in KTorrent before 3.1.4 allows remote attackers to bypass intended access restrictions and upload arbitrary torrent files, and trigger the start of downloads and seeding, via a crafted HTTP POST request.

3 affected packages

ktorrent, ktorrent-kde4, ktorrent2.2

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
ktorrent	—	—	—	—	—
ktorrent-kde4	—	—	—	—	—
ktorrent2.2	—	—	—	—	—

CVE-2007-1799

Unknown priority

Fixed

Directory traversal vulnerability in torrent.cpp in KTorrent before 2.1.3 only checks for the ".." string, which allows remote attackers to overwrite arbitrary files via modified ".." sequences in a torrent filename,...

1 affected packages

ktorrent

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
ktorrent	—	—	—	—	—

CVE-2007-1385

Unknown priority

Fixed

chunkcounter.cpp in KTorrent before 2.1.2 allows remote attackers to cause a denial of service (crash) and heap corruption via a negative or large idx value.

1 affected packages

ktorrent

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
ktorrent	—	—	—	—	—

CVE-2007-1384

Unknown priority

Fixed

Directory traversal vulnerability in torrent.cpp in KTorrent before 2.1.2 allows remote attackers to overwrite arbitrary files via ".." sequences in a torrent filename.

1 affected packages

ktorrent

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
ktorrent	—	—	—	—	—

Search CVE reports