Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
TorrentTrader 1.07 and earlier sets insecure permissions for files in the root directory, which allows attackers to execute arbitrary PHP code by modifying (1) disclaimer.txt, (2) sponsors.txt, and (3) banners.txt, which are used in an include call. NOTE: there might be local attack vectors that extend to other files.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
TorrentTrader 多个本地特权提升漏洞
Vulnerability Description
TorrentTrader 1.07版本及其早期版本设置根目录中的非安全许可文件,这会允许攻击者通过修改(1) disclaimer.txt, (2) sponsors.txt, 和(3) banners.txt, 且这些文件都在include调用程序中运行,以执行任意PHP代码。
CVSS Information
N/A
Vulnerability Type
N/A