All errata/sisyphus/ALT-PU-2024-18425-1
ALT-PU-2024-18425-1

Package update ktorrent in branch sisyphus

Version24.08.1-alt1
Task#358301
Published2024-10-23
Max severityMEDIUM
Severity:

Closed issues (2)

CVE-2008-5905
MEDIUM4.3

The web interface plugin in KTorrent before 3.1.4 allows remote attackers to bypass intended access restrictions and upload arbitrary torrent files, and trigger the start of downloads and seeding, via a crafted HTTP POST request.

Published: 2009-01-15Modified: 2026-04-23
CVSS 2.0MEDIUM 4.3
CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:P/A:N
References
CVE-2008-5906
MEDIUM6.8

Eval injection vulnerability in the web interface plugin in KTorrent before 3.1.4 allows remote attackers to execute arbitrary PHP code via unspecified parameters to this interface's PHP scripts.

Published: 2009-01-15Modified: 2026-04-23
CVSS 2.0MEDIUM 6.8
CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P
References