CVE-2007-4435 Information

Description

Multiple SQL injection vulnerabilities in TorrentTrader before 1.07 allow remote attackers to execute arbitrary SQL commands via unspecified parameters to (1) account-inbox.php (2) account-settings.php and possibly (3) backend/functions.php.

Reference

http://secunia.com/advisories/26504 http://www.osvdb.org/36598 http://www.osvdb.org/36599 http://www.osvdb.org/36600 http://www.securityfocus.com/bid/25369 http://www.torrenttrader.org/index.php?showtopic=5776 http://www.torrenttrader.org/index.php?showtopic=6255 https://exchange.xforce.ibmcloud.com/vulnerabilities/36119