EIP-2026-112751

This PHP script demonstrates a SQL injection vulnerability in TorrentTrader 1.0 RC2 by exploiting unsanitized input in the 'id' parameter of download.php. It retrieves the administrator's username and password hash via a UNION-based SQL injection attack.