Rivettracker
by Rivetcode
CVEs (3)
| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2012-4993 | 0.04 | — | 0.06 | Sep 19, 2012 | torrent_functions.php in RivetTracker 1.03 and earlier does not properly restrict access, which allows remote attackers to have an unspecified impact. | ||
| CVE-2012-4996 | 0.03 | — | 0.01 | Sep 19, 2012 | Multiple SQL injection vulnerabilities in RivetTracker 1.03 and earlier allow remote attackers to execute arbitrary SQL commands via the hash parameter to (1) dltorrent.php or (2) torrent_functions.php. | ||
| CVE-2008-7207 | 0.00 | — | 0.00 | Sep 11, 2009 | RivetTracker before 1.0 stores passwords in cleartext in config.php, which allows local users to discover passwords by reading config.php. |
- CVE-2012-4993Sep 19, 2012risk 0.04cvss —epss 0.06
torrent_functions.php in RivetTracker 1.03 and earlier does not properly restrict access, which allows remote attackers to have an unspecified impact.
- CVE-2012-4996Sep 19, 2012risk 0.03cvss —epss 0.01
Multiple SQL injection vulnerabilities in RivetTracker 1.03 and earlier allow remote attackers to execute arbitrary SQL commands via the hash parameter to (1) dltorrent.php or (2) torrent_functions.php.
- CVE-2008-7207Sep 11, 2009risk 0.00cvss —epss 0.00
RivetTracker before 1.0 stores passwords in cleartext in config.php, which allows local users to discover passwords by reading config.php.