CVE-2009-2156

Name of the Vulnerable Software and Affected Versions TorrentTrader Classic version 1.09

Description The issue allows remote authenticated users and attackers to inject arbitrary web script or HTML via several parameters and fields, including the Title field to requests.php, the Torrent Name field to torrents-upload.php, the ttversion parameter to themes/default/footer.php, the SITENAME and CURUSER[username] parameters to themes/default/header.php, the todayactive parameter to visitorstoday.php, the activepeople parameter to visitorsnow.php, the faq categ[999][title] parameter to faq.php, and the keepget parameter to torrents-details.php. API Endpoints and parameters involved include: "requests.php", "torrents-upload.php", "themes/default/footer.php", "themes/default/header.php", "visitorstoday.php", "visitorsnow.php", "faq.php", and "torrents-details.php" with parameters such as ttversion, SITENAME, CURUSER[username], todayactive, activepeople, faq categ[999][title], and keepget.

Recommendations For TorrentTrader Classic version 1.09, consider disabling the vulnerable parameters and fields, such as ttversion, SITENAME, CURUSER[username], todayactive, activepeople, faq categ[999][title], and keepget, and restrict access to the affected API endpoints until a patch is available. Avoid using the Title field in "requests.php" and the Torrent Name field in "torrents-upload.php" until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.