Browse all 3 CVE security advisories affecting Torrentpier. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Torrentpier is a PHP-based BitTorrent tracker designed for managing file sharing communities. Historically, it has been vulnerable to remote code execution, cross-site scripting, and privilege escalation vulnerabilities, often stemming from improper input validation and insecure authentication mechanisms. The software's open-source nature has led to multiple security disclosures, with three CVEs recorded to date. While no major public security incidents have been widely documented, the persistent presence of vulnerabilities in older versions highlights the importance of regular updates and secure coding practices for implementations handling sensitive peer-to-peer communications.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-64519 | TorrentPier is Vulnerable to Authenticated SQL Injection through Moderator Control Panel's topic_id parameter — torrentpierCWE-89 | 8.8 | High | 2025-11-10 |
| CVE-2024-40624 | Deserialization of untrusted data in torrentpier/torrentpier — torrentpierCWE-502 | 9.8 | Critical | 2024-07-15 |
| CVE-2024-1651 | Torrentpier 2.4.1 - RCE — TorrentpierCWE-502 | 10.0 | Critical | 2024-02-19 |
This page lists every published CVE security advisory associated with Torrentpier. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.