VYPR
Vendor

Torrentpier

Products
1
CVEs
3
Across products
3
Status
Private

Products

1

Recent CVEs

3
  • CVE-2024-1651CriFeb 20, 2024
    risk 0.68cvss 10.0epss 0.34

    Torrentpier version 2.4.1 allows executing arbitrary commands on the server. This is possible because the application is vulnerable to insecure deserialization.

  • CVE-2024-40624CriJul 15, 2024
    risk 0.57cvss 9.8epss 0.01

    TorrentPier is an open source BitTorrent Public/Private tracker engine, written in php. In `torrentpier/library/includes/functions.php`, `get_tracks()` uses the unsafe native PHP serialization format to deserialize user-controlled cookies. One can use phpggc and the chain…

  • CVE-2025-64519Nov 10, 2025
    risk 0.00cvss epss 0.00

    TorrentPier is an open source BitTorrent Public/Private tracker engine, written in php. In versions up to and including 2.8.8, an authenticated SQL injection vulnerability exists in the moderator control panel (`modcp.php`). Users with moderator permissions can exploit this…