FKIE_CVE-2008-5906

Vulnerability from fkie_nvd - Published: 2009-01-15 17:30 - Updated: 2025-04-09 00:30
Severity ?
Summary
Eval injection vulnerability in the web interface plugin in KTorrent before 3.1.4 allows remote attackers to execute arbitrary PHP code via unspecified parameters to this interface's PHP scripts.
References
cve@mitre.orghttp://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504178
cve@mitre.orghttp://ktorrent.org/?q=node/23Vendor Advisory
cve@mitre.orghttp://openwall.com/lists/oss-security/2009/01/08/1
cve@mitre.orghttp://secunia.com/advisories/32442Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/32447Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/33675
cve@mitre.orghttp://secunia.com/advisories/34003
cve@mitre.orghttp://security.gentoo.org/glsa/glsa-200902-05.xml
cve@mitre.orghttp://www.securityfocus.com/bid/31927
cve@mitre.orghttp://www.ubuntu.com/usn/USN-711-1
cve@mitre.orghttp://www.vupen.com/english/advisories/2008/2911
cve@mitre.orghttps://bugs.gentoo.org/show_bug.cgi?id=244741
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/46118
af854a3a-2127-422b-91ae-364da2661108http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504178
af854a3a-2127-422b-91ae-364da2661108http://ktorrent.org/?q=node/23Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://openwall.com/lists/oss-security/2009/01/08/1
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/32442Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/32447Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/33675
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/34003
af854a3a-2127-422b-91ae-364da2661108http://security.gentoo.org/glsa/glsa-200902-05.xml
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/31927
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntu.com/usn/USN-711-1
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2008/2911
af854a3a-2127-422b-91ae-364da2661108https://bugs.gentoo.org/show_bug.cgi?id=244741
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/46118
Impacted products
Vendor Product Version
ktorrent ktorrent *
ktorrent ktorrent 0.9
ktorrent ktorrent 1.0
ktorrent ktorrent 1.1
ktorrent ktorrent 1.2
ktorrent ktorrent 1.2
ktorrent ktorrent 1.2
ktorrent ktorrent 2.0
ktorrent ktorrent 2.0
ktorrent ktorrent 2.0
ktorrent ktorrent 2.0.1
ktorrent ktorrent 2.0.2
ktorrent ktorrent 2.0.3
ktorrent ktorrent 2.1
ktorrent ktorrent 2.1
ktorrent ktorrent 2.1
ktorrent ktorrent 2.1.1
ktorrent ktorrent 2.1.2
ktorrent ktorrent 2.1.3
ktorrent ktorrent 2.1.4
ktorrent ktorrent 2.2
ktorrent ktorrent 2.2
ktorrent ktorrent 2.2
ktorrent ktorrent 2.2.1
ktorrent ktorrent 2.2.2
ktorrent ktorrent 2.2.3
ktorrent ktorrent 2.2.4
ktorrent ktorrent 2.2.5
ktorrent ktorrent 2.2.6
ktorrent ktorrent 2.2.7
ktorrent ktorrent 2.2.8
ktorrent ktorrent 3.0
ktorrent ktorrent 3.0
ktorrent ktorrent 3.0.0
ktorrent ktorrent 3.0.1
ktorrent ktorrent 3.0.2
ktorrent ktorrent 3.1.1
ktorrent ktorrent 3.1.2
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ktorrent:ktorrent:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E8025283-BC2B-4B33-8870-4339B8E72885",
              "versionEndIncluding": "3.1.3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ktorrent:ktorrent:0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C135250-74F9-407F-BF3F-74AC0B6283BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ktorrent:ktorrent:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9DBF924C-9DC8-49A3-809D-C9C2D166FCF9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ktorrent:ktorrent:1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B98B1318-4EDB-49F5-B39F-536B7D4F9D2C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ktorrent:ktorrent:1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B3FEFCAD-9F02-4DD7-BEB2-CCF76BE4CD3B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ktorrent:ktorrent:1.2:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "5ABF1AF9-F645-4E38-AD21-43F363CDC774",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ktorrent:ktorrent:1.2:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "F76C3120-59ED-4B34-9138-C5E12C3A43C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ktorrent:ktorrent:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE350CBD-5B58-4C3E-80C4-CF2689B590B8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ktorrent:ktorrent:2.0:beta1:*:*:*:*:*:*",
              "matchCriteriaId": "3D2C64FA-B341-42F7-AD05-663B2D1C89E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ktorrent:ktorrent:2.0:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "1F74623A-DB49-42F1-A82A-851C36F3F2A6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ktorrent:ktorrent:2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1A49AEA-0406-4B77-A613-0872A129E020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ktorrent:ktorrent:2.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5BBC44F4-D3F3-4140-A7B6-58DCF0CB95DE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ktorrent:ktorrent:2.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "009FC942-5A24-4C09-BB0F-990EF13C3BEC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ktorrent:ktorrent:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "80D1BCF4-1215-4284-9167-409C9F2D3686",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ktorrent:ktorrent:2.1:beta1:*:*:*:*:*:*",
              "matchCriteriaId": "01FC83B5-1A34-4E54-BC05-27903C8D76C2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ktorrent:ktorrent:2.1:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "52FAF04B-8043-495A-B68D-BEC80707D7B3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ktorrent:ktorrent:2.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D124FEE2-D7D8-4F22-89A0-0DEB23C118F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ktorrent:ktorrent:2.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "65074E3F-BD29-4D38-9A82-44AE5CCBA1B4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ktorrent:ktorrent:2.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "332E5BA7-E581-4256-BE23-9DE0A93ECC6E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ktorrent:ktorrent:2.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6760D0F-EBDC-4357-8A1F-330AED46C27D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ktorrent:ktorrent:2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "89958A00-844E-4AC6-B9F9-128F4ED2BFF0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ktorrent:ktorrent:2.2:beta1:*:*:*:*:*:*",
              "matchCriteriaId": "B2EE31B1-612F-47AF-A003-434B73D09CBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ktorrent:ktorrent:2.2:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "7323A1A4-6AD8-45D1-92C9-A485A2404453",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ktorrent:ktorrent:2.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1984EEE-7555-417C-A068-A95D9E87DB6D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ktorrent:ktorrent:2.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A00B1A7-2C05-49A0-AD87-E0016E9AD8E6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ktorrent:ktorrent:2.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "44495B44-7EBD-4443-98D4-203EADFBD96D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ktorrent:ktorrent:2.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D10469C7-FDAF-45B9-91AD-E083385D940C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ktorrent:ktorrent:2.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E8F37F5-B52A-4302-AE36-BD3677E57B96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ktorrent:ktorrent:2.2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9B5D785-ADF8-4929-BC0B-3DB7BC5A9A7E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ktorrent:ktorrent:2.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "7093A493-B85B-461C-A1A3-21117418B9F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ktorrent:ktorrent:2.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "2ADAB09F-3A65-43F2-9772-811D26E3AA14",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ktorrent:ktorrent:3.0:beta1:*:*:*:*:*:*",
              "matchCriteriaId": "87174F64-B01F-4D76-BEC0-630512C437B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ktorrent:ktorrent:3.0:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "E9A0A18F-1FA6-4D99-AD43-D7D61B8C844F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ktorrent:ktorrent:3.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6CC400A2-4ED0-4361-BF3E-7029182B9D83",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ktorrent:ktorrent:3.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D4295F0-17C9-4975-9AD5-97D283CB5C12",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ktorrent:ktorrent:3.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A01004DB-5098-43C0-9EFA-BD5E56411632",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ktorrent:ktorrent:3.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6EF76451-B112-4836-B8BF-7E74B1252192",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ktorrent:ktorrent:3.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "484C3B3E-0971-4C11-9815-A90B450159D3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Eval injection vulnerability in the web interface plugin in KTorrent before 3.1.4 allows remote attackers to execute arbitrary PHP code via unspecified parameters to this interface\u0027s PHP scripts."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad de inyecci\u00f3n Eval (evaluaci\u00f3n directa de c\u00f3digo din\u00e1mico) en el plugin del interfaz web en KTorrent anteriores a v3.1.4 permite a atacantes remotos ejecutar c\u00f3digo PHP a su elecci\u00f3n a trav\u00e9s de par\u00e1metros inespecificos a las secuencias de comandos PHP del interfaz."
    }
  ],
  "id": "CVE-2008-5906",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.8,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": true,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2009-01-15T17:30:00.420",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504178"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://ktorrent.org/?q=node/23"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://openwall.com/lists/oss-security/2009/01/08/1"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/32442"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/32447"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/33675"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/34003"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://security.gentoo.org/glsa/glsa-200902-05.xml"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/31927"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.ubuntu.com/usn/USN-711-1"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2008/2911"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://bugs.gentoo.org/show_bug.cgi?id=244741"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46118"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504178"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://ktorrent.org/?q=node/23"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://openwall.com/lists/oss-security/2009/01/08/1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/32442"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/32447"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/33675"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/34003"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://security.gentoo.org/glsa/glsa-200902-05.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/31927"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/USN-711-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2008/2911"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bugs.gentoo.org/show_bug.cgi?id=244741"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46118"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.