SQL injection in torrents.php in BtitTracker 1.3.2 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) by and (2) order parameters. NOTE: it is not clear whether this issue is exploitable.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2007-02-07T20:00:00
Updated: 2017-07-28T12:57:01
Reserved: 2007-02-07T00:00:00
Link: CVE-2006-6972
JSON object: View
NVD Information
Status : Modified
Published: 2007-02-07T20:28:00.000
Modified: 2017-07-29T01:29:45.860
Link: CVE-2006-6972
JSON object: View
Redhat Information
No data.
CWE