CVE-2009-2157

Name of the Vulnerable Software and Affected Versions TorrentTrader Classic version 1.09

Description The issue allows remote authenticated users and attackers to execute arbitrary SQL commands. This can be achieved through various parameters in different PHP files, including origmsg in account-inbox.php, categ in delreq.php and admin-delreq.php, choice in index.php, id in modrules.php, user, torrent, forumid, and forumpost in report.php, delmp in take-deletepm.php, delreport in takedelreport.php, delreq in takedelreq.php, clases in takestaffmess.php, and warndisable in takewarndisable.php. Additionally, remote attackers can execute arbitrary SQL commands via the wherecatin parameter in browse.php, the limit parameter in today.php, and the where parameter in torrents-details.php.

Recommendations For TorrentTrader Classic version 1.09, consider disabling the vulnerable parameters until a patch is available. Specifically, restrict access to the origmsg, categ, choice, id, user, torrent, forumid, forumpost, delmp, delreport, delreq, clases, and warndisable parameters in their respective PHP files. Also, avoid using the wherecatin, limit, and where parameters in browse.php, today.php, and torrents-details.php respectively, to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.