{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-17T11:45:29.804","vulnerabilities":[{"cve":{"id":"CVE-2008-6587","sourceIdentifier":"cve@mitre.org","published":"2009-04-03T18:30:00.280","lastModified":"2025-04-09T00:30:58.490","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Cross-site request forgery (CSRF) vulnerability in index.tmpl in Vuze (formerly Azureus HTML WebUI), probably 0.7.6, allows remote attackers to hijack the authentication of users for requests that force the download of arbitrary torrent files via the upurl parameter."},{"lang":"es","value":"Vulnerabilidad de falsificación de petición en sitios cruzados (CSRF) en index.tmpl en Vuze (anteriormente conocido como Azureus HTML WebUI), probablemente la v0.7.6, permite a atacantes remotos secuestrar la autenticación de los usuarios en las peticiones que fuerzan la descarga de ficheros torrent de modo arbitrario a través del parámetro \"upurl\"."}],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:P/A:P","baseScore":6.8,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-352"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:vuze:vuze:0.7.6:*:*:*:*:*:*:*","matchCriteriaId":"C6DCD74D-380D-44EE-A407-8A2F9155C60C"}]}]}],"references":[{"url":"http://www.securityfocus.com/archive/1/491066/100/0/threaded","source":"cve@mitre.org"},{"url":"http://www.securityfocus.com/bid/28848","source":"cve@mitre.org","tags":["Exploit"]},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/41926","source":"cve@mitre.org"},{"url":"http://www.securityfocus.com/archive/1/491066/100/0/threaded","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.securityfocus.com/bid/28848","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit"]},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/41926","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}