Multiple cross-site scripting (XSS) vulnerabilities in TorrentFlux 2.1 allow remote attackers to inject arbitrary web script or HTML via the (1) action, (2) file, and (3) users array variables in (a) admin.php, which are not properly handled when the administrator views the Activity Log; and the (4) torrent parameter, as used by the displayName variable, in (b) startpop.php, different vectors than CVE-2006-5227.
The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
| Link | Tags |
|---|---|
| http://www.securityfocus.com/archive/1/448948/100/0/threaded | mailing list |
| http://www.vupen.com/english/advisories/2006/4043 | vdb entry vendor advisory |
| http://www.securityfocus.com/archive/1/448947/100/0/threaded | mailing list |
| http://www.securityfocus.com/archive/1/448619/100/100/threaded | mailing list |
| http://www.stevenroddis.com.au/2006/10/13/torrentflux-startpopphp-torrent-script-insertion/ | exploit |
| http://www.securityfocus.com/archive/1/448952/100/0/threaded | mailing list |
| http://secunia.com/advisories/22384 | third party advisory vendor advisory |
| http://www.stevenroddis.com.au/2006/10/17/torrentflux-user_id-script-insertion/ | exploit |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/29592 | vdb entry |
| http://www.securityfocus.com/bid/20534 | vdb entry |
| http://www.stevenroddis.com.au/2006/10/17/torrentflux-file-script-insertion/ | exploit |
| http://www.stevenroddis.com.au/2006/10/17/torrentflux-action-script-insertion/ | exploit |