CVE-2009-2159

CVE-2009-2159 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:P/A:N

backup-database.php in TorrentTrader Classic 1.09 does not require administrative authentication, which allows remote attackers to create and download a backup database by making a direct request and then retrieving a .gz file from backups/.

Learn more about our Web Application Penetration Testing UK.