CVE-2025-64519

{"id": "CVE-2025-64519", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "security-advisories@github.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}]}, "published": "2025-11-10T23:15:41.833", "references": [{"url": "https://github.com/torrentpier/torrentpier/commit/6a0f6499d89fa5d6e2afa8ee53802a1ad11ece80", "tags": ["Patch"], "source": "security-advisories@github.com"}, {"url": "https://github.com/torrentpier/torrentpier/security/advisories/GHSA-4rwr-8c3m-55f6", "tags": ["Exploit", "Vendor Advisory"], "source": "security-advisories@github.com"}, {"url": "https://github.com/torrentpier/torrentpier/security/advisories/GHSA-4rwr-8c3m-55f6", "tags": ["Exploit", "Vendor Advisory"], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "security-advisories@github.com", "description": [{"lang": "en", "value": "CWE-89"}]}], "descriptions": [{"lang": "en", "value": "TorrentPier is an open source BitTorrent Public/Private tracker engine, written in php. In versions up to and including 2.8.8, an authenticated SQL injection vulnerability exists in the moderator control panel (`modcp.php`). Users with moderator permissions can exploit this vulnerability by supplying a malicious `topic_id` (`t`) parameter. This allows an authenticated moderator to execute arbitrary SQL queries, leading to the potential disclosure, modification, or deletion of any data in the database. Although it requires moderator privileges, it is still severe. A malicious or compromised moderator account can leverage this vulnerability to read, modify, or delete data. A patch is available at commit 6a0f6499d89fa5d6e2afa8ee53802a1ad11ece80."}, {"lang": "es", "value": "TorrentPier es un motor de tracker BitTorrent P\u00fablico/Privado de c\u00f3digo abierto, escrito en PHP. En versiones hasta la 2.8.8 inclusive, existe una vulnerabilidad de inyecci\u00f3n SQL autenticada en el panel de control del moderador ('modcp.php'). Los usuarios con permisos de moderador pueden explotar esta vulnerabilidad suministrando un par\u00e1metro 'topic_id' ('t') malicioso. Esto permite a un moderador autenticado ejecutar consultas SQL arbitrarias, lo que lleva a la posible divulgaci\u00f3n, modificaci\u00f3n o eliminaci\u00f3n de cualquier dato en la base de datos. Aunque requiere privilegios de moderador, sigue siendo grave. Una cuenta de moderador maliciosa o comprometida puede aprovechar esta vulnerabilidad para leer, modificar o eliminar datos. Un parche est\u00e1 disponible en el commit 6a0f6499d89fa5d6e2afa8ee53802a1ad11ece80."}], "lastModified": "2025-12-31T17:55:04.723", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:torrentpier:torrentpier:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F57C690A-DAD4-4ED5-A231-CAD6D3F9813C", "versionEndIncluding": "2.8.8"}], "operator": "OR"}]}], "sourceIdentifier": "security-advisories@github.com"}