CNNVD-202511-881 Information

CNNVD ID

CNNVD-202511-881

Related CVE

CVE-2025-64519

• CNNVD Published: 2025-11-10

Description (Chinese)

Torrentpier TorrentPier是Torrentpier公司的一个公牛驱动的 BitTorrent 公共/私人跟踪器引擎。 Torrentpier TorrentPier 2.8.8及之前版本存在SQL注入漏洞，该漏洞源于modcp.php中对topic_id参数处理不当，可能导致SQL注入攻击。

Description (English)

Torrentpier Torrentpier is a bull-driven BitTorrent public/private tracker engine of Torrentpier. Torrentpier Torrentpier 2.8.8 and earlier versions had an injection loophole in SQL, which originated from the mishandling of topic id parameters in modcp.php, which could lead to an attack on SQL.

Hazard Level

Medium

Vulnerability Type

SQL注入

Affected Vendor

Torrentpier

Published

2025-11-10

Last Modified

2026-02-24

References

https://github.com/torrentpier/torrentpier/security/advisories/GHSA-4rwr-8c3m-55f6 https://github.com/torrentpier/torrentpier/commit/6a0f6499d89fa5d6e2afa8ee53802a1ad11ece80 https://access.redhat.com/security/cve/cve-2025-64519