Vulnerabilities (CVE)

Filtered by vendor Btitracker Subscribe
Filtered by product Btitracker
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2006-7159 2 Bti-tracker, Btitracker 2 Bti-tracker, Btitracker 2024-11-21 6.4 MEDIUM N/A
Directory traversal vulnerability in include/prune_torrents.php in BTI-Tracker 1.3.2 (aka btitracker) allows remote attackers to delete arbitrary files via ".." sequences in the TORRENTSDIR parameter in a prune action.
CVE-2006-6972 1 Btitracker 1 Btitracker 2024-11-21 7.5 HIGH N/A
SQL injection in torrents.php in BtitTracker 1.3.2 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) by and (2) order parameters. NOTE: it is not clear whether this issue is exploitable.