Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
backup-database.php in TorrentTrader Classic 1.09 does not require administrative authentication, which allows remote attackers to create and download a backup database by making a direct request and then retrieving a .gz file from backups/.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
TorrentTrader Classic "backup-database.php" 权限管理与访问控制漏洞
Vulnerability Description
TorrentTrader是用PHP编写的torrent tracker平台 。 TorrentTrader Classic "backup-database.php" 存在权限管理与访问控制漏洞,没有正确地限制对backup-database.php脚本的访问。此外,该脚本在公开可访问的文件夹中创建了带有易猜测文件名的数据库dump 。
CVSS Information
N/A
Vulnerability Type
N/A