CVE-2009-2161

Metadata

CVE-2009-2161
5.1
securityfocus.com, securityfocus.com, waraxe.us, exchange.xforce.ibmcloud.com, exploit-db.com
2009-06-22
2017-09-29 06:09

Description

Directory traversal vulnerability in backend/admin-functions.php in TorrentTrader Classic 1.09, when used on a case-insensitive web site, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the ss_uri parameter, in conjunction with a modified component name.

Related Vulnerabilities