Torrentflux
Monthly
TorrentFlux 2.4 allows remote authenticated users to delete or modify other users' cookies via the cid parameter in an editCookies action to profile.php. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.
TorrentFlux 2.4 allows remote authenticated users to obtain other users' cookies via the cid parameter in an editCookies action to profile.php. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
TorrentFlux 2.4 allows remote authenticated users to delete or modify other users' cookies via the cid parameter in an editCookies action to profile.php. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.
TorrentFlux 2.4 allows remote authenticated users to obtain other users' cookies via the cid parameter in an editCookies action to profile.php. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.