CVE-2009-2159

2009-06-2219:00:00

mitre

www.cve.org

0.006 Low

EPSS

Percentile

78.5%

JSON

backup-database.php in TorrentTrader Classic 1.09 does not require administrative authentication, which allows remote attackers to create and download a backup database by making a direct request and then retrieving a .gz file from backups/.

References

secunia.com/advisories/35456

www.securityfocus.com/archive/1/504294/100/0/threaded

www.securityfocus.com/bid/35369

www.waraxe.us/advisory-74.html

exchange.xforce.ibmcloud.com/vulnerabilities/51147

www.exploit-db.com/exploits/8958

0.006 Low

EPSS

Percentile

78.5%

JSON

Related for CVELIST:CVE-2009-2159