VYPR

Vuze

by Vuze

CVEs (2)

  • CVE-2018-13417CriAug 13, 2018
    risk 0.68cvss 9.8epss 0.21

    In Vuze Bittorrent Client 5.7.6.0, the XML parsing engine for SSDP/UPnP functionality is vulnerable to an XML External Entity Processing (XXE) attack. Remote, unauthenticated attackers can use this vulnerability to: (1) Access arbitrary files from the filesystem with the same…

  • CVE-2008-6587Apr 3, 2009
    risk 0.00cvss epss 0.01

    Cross-site request forgery (CSRF) vulnerability in index.tmpl in Vuze (formerly Azureus HTML WebUI), probably 0.7.6, allows remote attackers to hijack the authentication of users for requests that force the download of arbitrary torrent files via the upurl parameter.