backup-database.php in TorrentTrader Classic 1.09 does not require administrative authentication, which allows remote malicious users to create and download a backup database by making a direct request and then retrieving a .gz file from backups/.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
torrenttrader torrenttrader classic 1.09 |