Gentoo Linux Security Advisory GLSA 200902-05 - Two vulnerabilities in the web interface plugin in KTorrent allow for remote execution of code and arbitrary torrent uploads. The web interface plugin does not restrict access to the torrent upload functionality and does not sanitize request parameters properly. Versions less than 2.2.8 are affected.
c4c350dad6019e04a68c9d6410f34768d01ee2a60ff99dbc4ee04ab98e4bc81b
Ubuntu Security Notice USN-711-1 - It was discovered that KTorrent did not properly restrict access when using the web interface plugin. A remote attacker could use a crafted http request and upload arbitrary torrent files to trigger the start of downloads and seeding. It was discovered that KTorrent did not properly handle certain parameters when using the web interface plugin. A remote attacker could use crafted http requests to execute arbitrary PHP code.
e5412200111b9d231ff2dbf237f53462e98eff34b2802840cc8d8e25f843b5ea