CVE-2009-2160

TorrentTrader Classic 1.09 - Info Disclosure

Title source: llm

Description

TorrentTrader Classic 1.09 allows remote attackers to (1) obtain configuration information via a direct request to phpinfo.php, which calls the phpinfo function; and allows remote attackers to (2) obtain other potentially sensitive information via a direct request to check.php.

Exploits (1)

exploitdb WRITEUP VERIFIED

by waraxe · textwebappsphp

https://www.exploit-db.com/exploits/8958

View Code ZIP pw:eip

References (7)

Core 7

Core References

Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/35456

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/51148

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/51149

Exploit vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/35369

Exploit, Third Party Advisory exploit x_refsource_exploit-db

https://www.exploit-db.com/exploits/8958

Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq

http://www.securityfocus.com/archive/1/504294/100/0/threaded

Exploit x_refsource_misc

http://www.waraxe.us/advisory-74.html

Scores

EPSS 0.0936

EPSS Percentile 92.8%

Details

CWE

CWE-264

Status published

Products (1)

torrenttrader/torrenttrader_classic 1.09

Published Jun 22, 2009

Tracked Since Feb 18, 2026