Unrated severityNVD Advisory· Published Jan 15, 2009· Updated Apr 23, 2026
CVE-2008-5905
CVE-2008-5905
Description
The web interface plugin in KTorrent before 3.1.4 allows remote attackers to bypass intended access restrictions and upload arbitrary torrent files, and trigger the start of downloads and seeding, via a crafted HTTP POST request.
Affected products
38cpe:2.3:a:ktorrent:ktorrent:*:*:*:*:*:*:*:*+ 37 more
- cpe:2.3:a:ktorrent:ktorrent:*:*:*:*:*:*:*:*range: <=3.1.3
- cpe:2.3:a:ktorrent:ktorrent:0.9:*:*:*:*:*:*:*
- cpe:2.3:a:ktorrent:ktorrent:1.0:*:*:*:*:*:*:*
- cpe:2.3:a:ktorrent:ktorrent:1.1:*:*:*:*:*:*:*
- cpe:2.3:a:ktorrent:ktorrent:1.2:*:*:*:*:*:*:*
- cpe:2.3:a:ktorrent:ktorrent:1.2:rc1:*:*:*:*:*:*
- cpe:2.3:a:ktorrent:ktorrent:1.2:rc2:*:*:*:*:*:*
- cpe:2.3:a:ktorrent:ktorrent:2.0:*:*:*:*:*:*:*
- cpe:2.3:a:ktorrent:ktorrent:2.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:ktorrent:ktorrent:2.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:ktorrent:ktorrent:2.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:ktorrent:ktorrent:2.0:beta1:*:*:*:*:*:*
- cpe:2.3:a:ktorrent:ktorrent:2.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:ktorrent:ktorrent:2.1:*:*:*:*:*:*:*
- cpe:2.3:a:ktorrent:ktorrent:2.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:ktorrent:ktorrent:2.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:ktorrent:ktorrent:2.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:ktorrent:ktorrent:2.1.4:*:*:*:*:*:*:*
- cpe:2.3:a:ktorrent:ktorrent:2.1:beta1:*:*:*:*:*:*
- cpe:2.3:a:ktorrent:ktorrent:2.1:rc1:*:*:*:*:*:*
- cpe:2.3:a:ktorrent:ktorrent:2.2:*:*:*:*:*:*:*
- cpe:2.3:a:ktorrent:ktorrent:2.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:ktorrent:ktorrent:2.2.2:*:*:*:*:*:*:*
- cpe:2.3:a:ktorrent:ktorrent:2.2.3:*:*:*:*:*:*:*
- cpe:2.3:a:ktorrent:ktorrent:2.2.4:*:*:*:*:*:*:*
- cpe:2.3:a:ktorrent:ktorrent:2.2.5:*:*:*:*:*:*:*
- cpe:2.3:a:ktorrent:ktorrent:2.2.6:*:*:*:*:*:*:*
- cpe:2.3:a:ktorrent:ktorrent:2.2.7:*:*:*:*:*:*:*
- cpe:2.3:a:ktorrent:ktorrent:2.2.8:*:*:*:*:*:*:*
- cpe:2.3:a:ktorrent:ktorrent:2.2:beta1:*:*:*:*:*:*
- cpe:2.3:a:ktorrent:ktorrent:2.2:rc1:*:*:*:*:*:*
- cpe:2.3:a:ktorrent:ktorrent:3.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:ktorrent:ktorrent:3.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:ktorrent:ktorrent:3.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:ktorrent:ktorrent:3.0:beta1:*:*:*:*:*:*
- cpe:2.3:a:ktorrent:ktorrent:3.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:ktorrent:ktorrent:3.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:ktorrent:ktorrent:3.1.2:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
13- ktorrent.orgnvdVendor Advisory
- secunia.com/advisories/32442nvdVendor Advisory
- secunia.com/advisories/32447nvdVendor Advisory
- bugs.debian.org/cgi-bin/bugreport.cginvd
- openwall.com/lists/oss-security/2009/01/08/1nvd
- secunia.com/advisories/33675nvd
- secunia.com/advisories/34003nvd
- security.gentoo.org/glsa/glsa-200902-05.xmlnvd
- www.securityfocus.com/bid/31927nvd
- www.ubuntu.com/usn/USN-711-1nvd
- www.vupen.com/english/advisories/2008/2911nvd
- bugs.gentoo.org/show_bug.cginvd
- exchange.xforce.ibmcloud.com/vulnerabilities/46117nvd
News mentions
0No linked articles in our index yet.