Btitracker : Security Vulnerabilities, CVEs, Published In 2007
Directory traversal vulnerability in include/prune_torrents.php in BTI-Tracker 1.3.2 (aka btitracker) allows remote attackers to delete arbitrary files via ".." sequences in the TORRENTSDIR parameter in a prune action.
Max CVSS
6.4
EPSS Score
0.47%
Published
2007-03-07
Updated
2018-10-16
SQL injection in torrents.php in BtitTracker 1.3.2 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) by and (2) order parameters. NOTE: it is not clear whether this issue is exploitable.
Max CVSS
7.5
EPSS Score
0.91%
Published
2007-02-07
Updated
2017-07-29
2 vulnerabilities found