SQL injection bug found in TBSource.
A vulnerability found in the popular bittorrent tracker TBSource code allows an attacker to inject SQL queries and read secret information from the database. The value of 'choice' passed to the script index.php is not properly sanitized. When a special tailored value is passed by an attacker, ful...