Eleanor

**Name of the Vulnerable Software and Affected Versions** KTorrent versions prior to 3.1.4 **Description** The issue allows remote attackers to bypass intended access restrictions. Attackers can upload arbitrary torrent files, trigger the start of downloads, and initiate seeding via a crafted HTTP POST request. **Recommendations** For versions prior to 3.1.4, update to version 3.1.4 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** KTorrent versions prior to 3.1.4 **Description** The issue concerns an eval injection vulnerability in the web interface plugin, allowing remote attackers to execute arbitrary PHP code via unspecified parameters to the interface's PHP scripts. **Recommendations** For versions prior to 3.1.4, update to version 3.1.4 or later to resolve the issue. As a temporary workaround, consider restricting access to the web interface plugin until the update is applied.