VYPR
Unrated severityNVD Advisory· Published Apr 3, 2009· Updated Jun 16, 2026

CVE-2008-6587

CVE-2008-6587

Description

Cross-site request forgery (CSRF) vulnerability in index.tmpl in Vuze (formerly Azureus HTML WebUI), probably 0.7.6, allows remote attackers to hijack the authentication of users for requests that force the download of arbitrary torrent files via the upurl parameter.

Affected products

3
  • Vuze/Vuze2 versions
    cpe:2.3:a:vuze:vuze:0.7.6:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:vuze:vuze:0.7.6:*:*:*:*:*:*:*
    • (no CPE)range: 0.7.6
  • Range: 0.7.6

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.